CVE-2011-2403
HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, 9.10 - Authenticated SQL Injection
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2011-2403. PoCs published by anonymous.
AI-analyzed exploit summary This exploit demonstrates an SQL injection vulnerability in HP Network Automation by injecting a UNION-based query to extract database information such as user, version, and database name. The vulnerability arises from insufficient input sanitization in the 'id' parameter of the 'view.php' script.
Description
SQL injection vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Exploits (1)
This exploit demonstrates an SQL injection vulnerability in HP Network Automation by injecting a UNION-based query to extract database information such as user, version, and database name. The vulnerability arises from insufficient input sanitization in the 'id' parameter of the 'view.php' script.