5 matches found
CVE-2013-2050
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/cfmemanageiqevmpassreset.rb 2025-02-06 03:13:41+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:14+00:00|...
Red Hat CloudForms Management Engine SQL Injection (CVE-2013-2050)
An SQL injection has been reported in Red Hat CloudForms Management Engine. The vulnerability is due to improper sanitization of in the "explorer" action of "miqpolicy" controller. A remote attacker can exploit this vulnerability via the profile parameter in an explorer action...
CVE-2013-2050
SQL injection vulnerability in the miqpolicy controller in Red Hat CloudForms 2.0 Management Engine CFME 5.1 and ManageIQ Enterprise Virtualization Manager 5.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the profile parameter in an explorer action...
CVE-2013-2050
The CVE-2013-2050 issue is a SQL injection vulnerability in the miq_policy controller of Red Hat CloudForms Management Engine (CFME) 5.1 and older, and ManageIQ Enterprise Virtualization Manager 5.0 and older. The vulnerability leverages the explorer action via the profile[] parameter, allowing r...
Red Hat CloudForms Management Engine 5.1 miq_policy/explorer SQL Injection
This module exploits a SQL injection vulnerability in the "explorer" action of "miqpolicy" controller of the Red Hat CloudForms Management Engine 5.1 ManageIQ Enterprise Virtualization Manager 5.0 and earlier by changing the password of the target account to the specified password. This module...