juan vazquez

644 exploits Active since Sep 2005
CVE-2013-4812 EXPLOITDB ruby WORKING POC
HP ProCurve Manager <4.0 - RCE
UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the fileName argument, which allows remote attackers to upload .jsp files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-1743.
CVE-2013-4811 EXPLOITDB ruby WORKING POC
HP ProCurve Manager <4.0 - RCE
UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the adCert argument, which allows remote attackers to upload .jsp files and consequently execute arbitrary code via unspecified vectors, aka ZDI-CAN-1743.
CVE-2012-2020 EXPLOITDB ruby WORKING POC
HP Operations Agent <11.03.12 - RCE
Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1326.
CVE-2012-2019 EXPLOITDB ruby WORKING POC
HP Operations Agent <11.03.12 - RCE
Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1325.
CVE-2011-3167 EXPLOITDB ruby WORKING POC
HP OpenView Network Node Manager <7.51-7.53 - RCE
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1210.
CVE-2009-0920 EXPLOITDB ruby WORKING POC
HP Network Node Manager - Memory Corruption
Stack-based buffer overflow in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long OvOSLocale cookie, a variant of CVE-2008-0067.
CVE-2011-4166 EXPLOITDB ruby WORKING POC
HP Managed Printing Administration <2.6.4 - Path Traversal
Directory traversal vulnerability in the MPAUploader.Uploader.1.UploadFiles method in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data.
CVE-2013-4837 EXPLOITDB ruby WORKING POC
HP LoadRunner <11.52 - RCE
Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1832.
CVE-2013-4798 EXPLOITDB ruby WORKING POC
HP LoadRunner <11.52 - RCE
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1705.
CVE-2013-2370 EXPLOITDB ruby WORKING POC
HP LoadRunner <11.52 - RCE
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1671.
CVE-2013-4800 EXPLOITDB ruby WORKING POC
HP LoadRunner <11.52 - RCE
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1735.
EIP-2026-118646 EXPLOITDB ruby WORKING POC
HP Intelligent Management Center UAM - Remote Buffer Overflow (Metasploit)
CVE-2013-4822 EXPLOITDB ruby WORKING POC
HP iMC/BIMS - RCE
Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Branch Intelligent Management System Software Module (aka BIMS) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1606.
CVE-2012-5201 EXPLOITDB ruby WORKING POC
HP iMC <5.2 E0401 - RCE
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1611.
CVE-2011-2404 EXPLOITDB ruby WORKING POC
HP Easy Printer Care Software < 2.5 - Code Injection
A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-4786 and CVE-2011-4787.
CVE-2011-4786 EXPLOITDB ruby WORKING POC
HP Easy Printer Care Software < 2.5 - Code Injection
A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-2404 and CVE-2011-4787.
CVE-2010-3007 EXPLOITDB ruby WORKING POC
HP Data Protector <4.0 - Privilege Escalation/DoS
Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition (SSE), 3.x before build 56936 and 4.x before build 56906 allows local users to gain privileges or cause a denial of service via unknown vectors.
CVE-2012-0124 EXPLOITDB ruby WORKING POC
HP Data Protector Express - Denial of Service
Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors.
CVE-2013-2333 EXPLOITDB ruby WORKING POC
HP Storage Data Protector <7.01 - RCE
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1680.
CVE-2013-2347 EXPLOITDB ruby WORKING POC
HP Storage Data Protector - Denial of Service
The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary commands or cause a denial of service via a crafted EXEC_BAR packet to TCP port 5555, aka ZDI-CAN-1885.
CVE-2013-6194 EXPLOITDB ruby WORKING POC
HP Storage Data Protector - Denial of Service
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1905.
EIP-2026-118644 EXPLOITDB ruby WORKING POC
HP Application Lifecycle Management - 'XGO.ocx' ActiveX 'SetShapeNodeType()' Remote Code Execution (Metasploit)
EIP-2026-118642 EXPLOITDB ruby WORKING POC
Honeywell Tema Remote Installer - ActiveX Remote Code Execution (Metasploit)
EIP-2026-118359 EXPLOITDB ruby WORKING POC
Cisco Linksys PlayerPT - ActiveX Control Buffer Overflow (Metasploit)
CVE-2013-0108 EXPLOITDB ruby WORKING POC
Honeywell Enterprise Buildings Integrator - Code Injection
An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise Buildings Integrator (EBI) R310, R400.2, R410.1, and R410.2; SymmetrE R310, R410.1, and R410.2; ComfortPoint Open Manager (aka CPO-M) Station R100; and HMIWeb Browser client packages allows remote attackers to execute arbitrary code via a crafted HTML document.