Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 07/06/2015 Updated: 09/10/2019

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

VMScore: 405

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Unspecified vulnerability in HP WebInspect 7.x up to and including 10.4 prior to 10.4 update 1 allows remote authenticated users to bypass intended access restrictions via unknown vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
hp webinspect

# Exploit Title: HP WebInspect - XML External Entity # Date: 23\04\2015 # Exploit Author: Jakub Palaczynski # Vendor Homepage: wwwhpcom/ # Version: 104, 103, 102, 101, 100, 9x, 8x, 7x # CVE : CVE-2015-2125 1 Create website that exploits vulnerability 11 Website that steals files using OOB technique: 111 Website that trigge ...

HP WebInspect versions 7x, 8x, 9x, and 100 through 104 suffer from an XML external entity vulnerability ...

CWE-611 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04695307 http://www.securityfocus.com/bid/75036 http://www.securitytracker.com/id/1032478 https://www.exploit-db.com/exploits/37250/https://nvd.nist.gov https://www.exploit-db.com/exploits/37250/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-2125

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect