HPE System Management - Cross-Site Scripting

HPE System Management contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other...

EUVD-2017-4124

Malware in sbrugna...

EUVD-2016-3085

Malware in sbrugna...

EUVD-2017-4119

Malware in sbrugna...

EUVD-2016-5394

Malware in sbrugna...

EUVD-2016-5395

Malware in sbrugna...

EUVD-2017-4125

Malware in sbrugna...

EUVD-2017-4121

Malware in sbrugna...

EUVD-2016-3123

Malware in sbrugna...

EUVD-2016-5393

Malware in sbrugna...

EUVD-2017-4118

Malware in sbrugna...

EUVD-2017-4120

Malware in sbrugna...

EUVD-2016-3082

Malware in sbrugna...

EUVD-2016-3083

Malware in sbrugna...

EUVD-2017-4122

Malware in sbrugna...

EUVD-2017-4123

Malware in sbrugna...

EUVD-2016-5396

Malware in sbrugna...

HPE Systems Insight Manager AMF Deserialization RCE

A remotely exploitable vulnerability exists within HPE System Insight Manager SIM version 7.6.x that can be leveraged by a remote unauthenticated attacker to execute code within the context of HPE System Insight Manager's hpsimsvc.exe process, which runs with administrative privileges. The...

HPE Systems Insight Manager AMF Deserialization Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HPE Systems Insight Manager AMF Deserialization RCE', 'Description' = %q A remotely exploitable vulnerability exists within HPE System Insight...

HPE System Management 7.6.0.11 Cross Site Scripting

Product: HPE System Management Homepage Versions: 7.6.0.11 and minor versions Vulnerability: JavaScript Injection in file gsearch.php, parameter prod OWASP TOP 10: A1 Injection Type: Javascript Injection Impact: Allows an attacker to perform an XSS Cross-Site Scripting attack, execute arbitrary...