HP WebInspect REST API Unauthorized Access

Binary data hpwebinspectnoauthapi.nbin...

HP WebInspect Installed

Binary data hpwebinspectinstalled.nbin...

HP WebInspect XXE Unauthorized Information Disclosure

The version of HP WebInspect installed on the remote Windows host is affected by an unauthorized information disclosure vulnerability due to an XML external entity injection flaw that is triggered during the parsing of XML data. A remote attacker can exploit this, via a malicious website scanned ...

HP WebInspect 10.4 XML External Entity

Exploit Title: HP WebInspect - XML External Entity Date: 23\04\2015 Exploit Author: Jakub Palaczynski Vendor Homepage: http://www.hp.com/ Version: 10.4, 10.3, 10.2, 10.1, 10.0, 9.x, 8.x, 7.x CVE : CVE-2015-2125 1. Create website that exploits vulnerability. 1.1. Website that steals files using OO...

HP WebInspect 10.4 - XML External Entity Injection

HP WebInspect 10.4 - XML External Entity Injection Exploit Title: HP WebInspect - XML External Entity Date: 23\04\2015 Exploit Author: Jakub Palaczynski Vendor Homepage: http://www.hp.com/ Version: 10.4, 10.3, 10.2, 10.1, 10.0, 9.x, 8.x, 7.x CVE : CVE-2015-2125 1. Create website that exploits...

HP WebInspect 10.4 - XML External Entity Injection

Exploit Title: HP WebInspect - XML External Entity Date: 23\04\2015 Exploit Author: Jakub Palaczynski Vendor Homepage: http://www.hp.com/ Version: 10.4, 10.3, 10.2, 10.1, 10.0, 9.x, 8.x, 7.x CVE : CVE-2015-2125 1. Create website that exploits vulnerability. 1.1. Website that steals files using OO...

HP WebInspect unauthorized access

No description provided...

[security bulletin] HPSBGN03343 rev.1 - HP WebInspect, Remote Unauthorized Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04695307 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04695307 Version: 1 HPSBGN03343 rev....

CVE-2015-2125

Unspecified vulnerability in HP WebInspect 7.x through 10.4 before 10.4 update 1 allows remote authenticated users to bypass intended access restrictions via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in HP WebInspect 7.x through 10.4 before 10.4 update 1 allows remote authenticated users to bypass intended access restrictions via unknown vectors...

CVE-2015-2125

Unspecified vulnerability in HP WebInspect 7.x through 10.4 before 10.4 update 1 allows remote authenticated users to bypass intended access restrictions via unknown vectors...

CVE-2015-2125

HP WebInspect 7.x–10.4 (before 10.4 update 1) is affected by CVE-2015-2125 via an XML External Entity (XXE) injection in its XML parsing, enabling a remote attacker to cause unauthorized information disclosure (read arbitrary files) when scanning or processing crafted XML. The vulnerability is de...