Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 14/06/2013 Updated: 14/06/2013

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote malicious users to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
hp insight diagnostics 9.4.0.4710

source: wwwsecurityfocuscom/bid/60449/info HP Insight Diagnostics is prone to a local file include vulnerability because it fails to adequately validate user-supplied input An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts This could allow the attacker to compromi ...

CWE-20 http://www.kb.cert.org/vuls/id/324668 https://nvd.nist.gov https://www.exploit-db.com/exploits/38563/https://www.kb.cert.org/vuls/id/324668

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-3575

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect