11 matches found
HP System Management Homepage ginkgosnmp.inc Command Injection
According to the web server's banner, the version of HP System Management Homepage SMH hosted on the remote web server is earlier than 7.2.2 and is, therefore, reportedly affected by a command injection vulnerability. An input validation error exists in the file 'ginkgosnmp.inc' related to the la...
HP/HPE System Management Homepage (SMH) Command Injection Vulnerability (HPSBMU02917)
HP/HPE System Management Homepage SMH is prone to a command injection vulnerability. Copyright C 2013 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...
HP System Management Homepage ginkgosnmp.inc Command Injection
Added: 07/26/2013 CVE: CVE-2013-3576 BID: 60471 OSVDB: 94191 Background HP System Management Homepage SMH is a web-based interface that consolidates the management of ProLiant and Integrity servers. Problem A vulnerability in HP SMH ginkgosnmp.inc script allows command execution by a remote...
HP System Management Homepage ginkgosnmp.inc Command Injection
Added: 07/26/2013 CVE: CVE-2013-3576 BID: 60471 OSVDB: 94191 Background HP System Management Homepage SMH is a web-based interface that consolidates the management of ProLiant and Integrity servers. Problem A vulnerability in HP SMH ginkgosnmp.inc script allows command execution by a remote...
HP System Management Homepage JustGetSNMPQueue Command Injection
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
CVE-2013-3576
creationtimestamp| type| source ---|---|--- 2013-06-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/26420 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/hpsysmgmtexec.rb 2025-02-06 03:13:41+00:00| seen|...
HP System Management Homepage JustGetSNMPQueue Command Injection
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "HP System...
CVE-2013-3576
ginkgosnmp.inc in HP System Management Homepage SMH allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATHINFO to smhutil/snmpchp.php.en...
DSquare Exploit Pack: D2SEC_HPSMH
Name| d2sechpsmh ---|--- CVE| CVE-2013-3576 Exploit Pack| D2ExploitPack Description| HP System Management Homepage Command Injection Vulnerability Notes|...
CVE-2013-3576
CVE-2013-3576 affects HP System Management Homepage (SMH); ginkgosnmp.inc uses the last URL path segment in an exec call, enabling remote authenticated users to execute arbitrary commands via PATH_INFO (e.g., snmhutil/snmpchp.php.en). Impact: remote code execution with full privileges on the HP S...
HP System Management Home Page Command Injection (CVE-2013-3576)
A Remote PHP Code Injection has been reported in HP System Management. The vulnerability is due to improper input validation. A remote attacker can exploit this issue by sending a malicious request containing a specially crafted parameter to the target server. Successful exploitation would result...