81 matches found
CVE-2013-6366
The Groovy script console in VMware Hyperic HQ 4.6.6 allows remote authenticated administrators to execute arbitrary code via a Runtime.getRuntime.exec call...
Code injection
The Groovy script console in VMware Hyperic HQ 4.6.6 allows remote authenticated administrators to execute arbitrary code via a Runtime.getRuntime.exec call...
CVE-2013-6366
The Groovy script console in VMware Hyperic HQ 4.6.6 allows remote authenticated administrators to execute arbitrary code via a Runtime.getRuntime.exec call...
CVE-2013-6366
CVE-2013-6366 affects VMware Hyperic HQ 4.6.6 via the Groovy script console. The vulnerability allows remote authenticated administrators to execute arbitrary code through a Runtime.getRuntime().exec call. Root cause: insecure Groovy console exposure enabling code execution. Impact: arbitrary cod...
VMware Hyperic HQ Groovy Script-Console - Java Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'VMware Hyperic HQ...
VMware Hyperic HQ Groovy Script-Console Java Execution Vulnerability
This Metasploit module uses the VMware Hyperic HQ Groovy script console to execute OS commands using Java. Valid credentials for an application administrator user account are required. This Metasploit module has been tested successfully with Hyperic HQ 4.6.6 on Windows 2003 SP2 and Ubuntu 10.04...
VMware Hyperic HQ Groovy Script-Console Java Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'VMware Hyperic HQ...
VMware Hyperic HQ Groovy Script-Console Java Execution
This module uses the VMware Hyperic HQ Groovy script console to execute OS commands using Java. Valid credentials for an application administrator user account are required. This module has been tested successfully with Hyperic HQ 4.6.6 on Windows 2003 SP2 and Ubuntu 10.04 systems. This module...
Default credentials
The monitor perl script in the Sybase database plug-in in SpringSource Hyperic HQ before 4.3 allows local users to obtain the database password by listing the process and its arguments...
CVE-2009-2899
The monitor perl script in the Sybase database plug-in in SpringSource Hyperic HQ before 4.3 allows local users to obtain the database password by listing the process and its arguments...
CVE-2009-2899
The CVE-2009-2899 entry concerns SpringSource Hyperic HQ (pre-4.3) where a monitor Perl script in the Sybase plug‑in allows local users to obtain the database password by listing the process and its arguments. Affected component: Hyperic HQ monitor script; root cause: information disclosure via p...
CVE-2009-2899
The monitor perl script in the Sybase database plug-in in SpringSource Hyperic HQ before 4.3 allows local users to obtain the database password by listing the process and its arguments...
Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting Multiple Security Vulnerabilities
Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting Multiple Security Vulnerabilities source: https://www.securityfocus.com/bid/50456/info Hyperic HQ Enterprise is prone to a cross-site scripting vulnerability and multiple unspecified security vulnerabilities. An attacker may leverage the cross-si...
Hyperic HQ Enterprise|E 4.5.1 Cross Site Request Forgery / Cross Site Scripting
Title: ====== Hyperic HQ Enterprise|E v4.5.1 - Multiple Vulnerabilities Date: ===== 2011-08-08 VL-ID: ===== 240 Introduction: ============= Designed for companies who run large scale business-critical web applications and systems and want world-class support. Prepare to be amazed. Award-winning...
Hyperic HQ Web GUI Detection
A web-based interface for Hyperic HQ, a web- and enterprise- application management system, is running on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid45357; scriptversion"1.6"; scriptcvsdate"Date: 2019/11/25"; scriptnameenglish:"Hyperic HQ Web GUI...
CVE-2009-2907
Multiple cross-site scripting XSS vulnerabilities in SpringSource tc Server 6.0.20.B and earlier, Application Management Suite AMS before 2.0.0.SR4, Hyperic HQ Open Source before 4.2.x, Hyperic HQ 4.0 Enterprise before 4.0.3.2, and Hyperic HQ 4.1 Enterprise before 4.1.2.1 allow remote attackers t...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in SpringSource tc Server 6.0.20.B and earlier, Application Management Suite AMS before 2.0.0.SR4, Hyperic HQ Open Source before 4.2.x, Hyperic HQ 4.0 Enterprise before 4.0.3.2, and Hyperic HQ 4.1 Enterprise before 4.1.2.1 allow remote attackers t...
CVE-2009-2907
CVE-2009-2907 affects SpringSource Hyperic HQ-related products (Open Source 4.2.x and 4.1.x/4.0.x lines; Enterprise 4.0.x/4.1.x) and related components such as tc Server 6.x and AMS up to 2.0.0.SR4. Root cause: improper validation of user-supplied input leading to stored cross-site scripting via ...
CVE-2009-2907
Multiple cross-site scripting XSS vulnerabilities in SpringSource tc Server 6.0.20.B and earlier, Application Management Suite AMS before 2.0.0.SR4, Hyperic HQ Open Source before 4.2.x, Hyperic HQ 4.0 Enterprise before 4.0.3.2, and Hyperic HQ 4.1 Enterprise before 4.1.2.1 allow remote attackers t...
CVE-2009-2907: SpringSource Hyperic HQ multiple XSS vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2009-2907: SpringSource Hyperic HQ multiple XSS vulnerabilities Severity: Moderate Vendor: SpringSource Versions Affected: SpringSource Hyperic HQ 4.2 pre-release versions SpringSource Hyperic HQ 4.1.0 to 4.1.2 SpringSource Hyperic HQ 4.0.0 to 4.0...