This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote web server hosts an application that is affected by a SQL
The version of Scrutinizer installed on the remote web server is
affected by a SQL injection vulnerability in multiple parameters of
the 'd4d/alarms.php' script.
An unauthenticated remote attacker can leverage this issue to
manipulate database queries, leading to disclosure of sensitive
information, attacks against the underlying database, and the like.
Note that this install is also likely to be affected by multiple other
vulnerabilities, though Nessus has not tested for these.
See also :
Upgrade to Scrutinizer 9.0.1 or later.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true