Dell SonicWALL Scrutinizer 9 SQL Injection
https://packetstormsecurity.com/files/115235/sonicwall_scrutinizer_sqli.rb.txt
https://packetstormsecurity.com/files/115235/sonicwall_scrutinizer_sqli.rb.txthttps://packetstormsecurity.com/files/115235/Dell-SonicWALL-Scrutinizer-9-SQL-Injection.htmlFri, 03 Aug 2012 02:33:31 GMTThis Metasploit module exploits a vulnerability found in Dell SonicWall Scrutinizer. While handling the 'q' parameter, the PHP application does not properly filter the user-supplied data, which can be manipulated to inject SQL commands, and then gain remote code execution. Please note that authentication is NOT needed to exploit this vulnerability.