Vulnerabilities > Plixer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-12 | CVE-2023-41261 | Improper Authentication vulnerability in Plixer Scrutinizer An issue was discovered in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer before 19.3.1. | 5.3 |
| 2023-10-12 | CVE-2023-41262 | SQL Injection vulnerability in Plixer Scrutinizer An issue was discovered in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer before 19.3.1. | 9.8 |
| 2023-10-12 | CVE-2023-41263 | Information Exposure Through Log Files vulnerability in Plixer Scrutinizer An issue was discovered in Plixer Scrutinizer before 19.3.1. | 3.7 |
| 2021-06-30 | CVE-2021-28993 | SQL Injection vulnerability in Plixer Scrutinizer 19.0.2 Plixer Scrutinizer 19.0.2 is affected by: SQL Injection. | 5.0 |
| 2020-01-09 | CVE-2012-1261 | Cross-site Scripting vulnerability in Plixer Scrutinizer Netflow & Sflow Analyzer 5.0.2/8.6.2.16204 Cross-site scripting (XSS) vulnerability in cgi-bin/scrut_fa_exclusions.cgi in Plixer International Scrutinizer NetFlow and sFlow Analyzer 8.6.2.16204 and other versions before 9.0.1.19899 allows remote attackers to inject arbitrary web script or HTML via the standalone parameter. | 4.3 |
| 2020-01-09 | CVE-2012-1260 | Cross-site Scripting vulnerability in Plixer Scrutinizer Netflow & Sflow Analyzer 8.6.2.16204 Cross-site scripting (XSS) vulnerability in cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allows remote attackers to inject arbitrary web script or HTML via the newUser parameter. | 4.3 |
| 2020-01-09 | CVE-2012-1259 | SQL Injection vulnerability in Plixer Scrutinizer Netflow & Sflow Analyzer 8.6.2.16204 Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allow remote attackers to execute arbitrary SQL commands via the (1) addip parameter to cgi-bin/scrut_fa_exclusions.cgi, (2) getPermissionsAndPreferences parameter to cgi-bin/login.cgi, or (3) possibly certain parameters to d4d/alarms.php as demonstrated by the search_str parameter. | 7.5 |
| 2020-01-09 | CVE-2012-1258 | Improper Authentication vulnerability in Plixer Scrutinizer Netflow & Sflow Analyzer 5.0.2/8.6.2.16204 cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer before 9.0.1.19899 does not validate user permissions, which allow remote attackers to add user accounts with administrator privileges via the newuser, pwd, and selectedUserGroup parameters. | 4.0 |