Exploitation Summary
EIP tracks 5 public exploits for CVE-2010-3003. PoCs published by Mr Teatime.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition by injecting malicious script code via the 'category' parameter in the survey.php page. The payload uses CSS expression to redirect the user to an attacker-controlled site.
Description
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.0-11 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Exploits (5)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition by injecting malicious script code via the 'category' parameter in the survey.php page. The payload uses CSS expression to redirect the user to an attacker-controlled site.
The provided text describes a cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition. It includes a proof-of-concept URL demonstrating the XSS payload but lacks executable exploit code.
The provided text describes a cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition. It includes a proof-of-concept URL demonstrating the XSS payload but lacks executable exploit code.
This exploit demonstrates a cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition by injecting arbitrary JavaScript code via the 'tabpage' parameter in globals.php. The vulnerability arises due to insufficient input sanitization, allowing script execution in the context of the affected site.
This is a writeup describing a cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition. It includes a proof-of-concept URL demonstrating the vulnerability but does not contain executable exploit code.