CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

seebug.org•added 2014/07/01 12:0 a.m.•44 views

Hyperic HQ 3.2 - 4.2-beta1 - Multiple XSS

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Hyperic HQ Multiple XSS 1. Advisory Information Title: Hyperic HQ Multiple XSS Advisory Id: CORE-2009-0812 Advisory URL:...

4.3CVSS6.5AI score0.01268EPSS

Exploits8

CVE•added 2009/10/13 10:0 a.m.•52 views

CVE-2009-2898

Hyperic HQ contains cross-site scripting (XSS) vulnerabilities (CVE-2009-2898) in the web interface. A remote authenticated user can inject arbitrary script via the Description field in the Alerts list, leading to stored XSS, and there are also reflected XSS paths via the GenericError.jsp handlin...

3.5CVSS5.1AI score0.01268EPSS

Exploits7References9Affected Software3

seebug.org•added 2009/10/13 12:0 a.m.•27 views

Hyperic HQ跨站脚本和脚本注入漏洞

CVECAN ID: CVE-2009-2897,CVE-2009-2898 Hyperic HQ是一个开源的IT资源管理平台。 Hyperic HQ没有正确地验证提交给mastheadAttach.do的typeId参数、Resource.do的eid参数以及admin/user /UserAdmin.do的u参数便返回给了用户，这可能导致反射式跨站脚本攻击；此外由于没有正确地过滤传送给Description参数的输入便在警告列表中返回给了用户，这可能导致存储式跨站脚本攻击。 SpringSource Hyperic HQ 4.2-beta1 SpringSource Hyperic ...

4.3CVSS6.4AI score0.01268EPSS

Exploits8

securityvulns•added 2009/10/06 12:0 a.m.•52 views

CVE-2009-2898: Hyperic HQ - Stored XSS in alerts list

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2009-2898: Stored XSS in alerts list Severity: Moderate Vendor: SpringSource Versions Affected: Hyperic HQ 3.2, 4.0, 4.1, 4.2-beta1. Earlier, unsupported versions may also be affected Description: An authenticated Hyperic user can create an aler...

4.3CVSS5.3AI score0.01268EPSS

Exploits8

Packet Storm•added 2009/10/05 12:0 a.m.•55 views

Core Security Technologies Advisory 2009.0812

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Hyperic HQ Multiple XSS 1. Advisory Information Title: Hyperic HQ Multiple XSS Advisory Id: CORE-2009-0812 Advisory URL:...

4.3CVSS0.8AI score0.01268EPSS

Exploits8

0day.today•added 2009/10/02 12:0 a.m.•43 views

Hyperic HQ 3.2 - 4.2-beta1 Multiple XSS

Exploit for jsp platform in category web applications ======================================= Hyperic HQ 3.2 - 4.2-beta1 Multiple XSS ======================================= Hyperic HQ 1 is an open source monitoring software designed to manage web applications and infrastructure. It auto-discover...

7.1AI score0.01268EPSS

Exploits8

Core Security•added 2009/10/02 12:0 a.m.•36 views

Hyperic HQ Multiple XSS

Advisory ID Internal CORE-2009-0812 1. Advisory Information Title: Hyperic HQ Multiple XSS Advisory Id: CORE-2009-0812 Date published: 2009-10-02 Date of last update: 2009-11-23 Vendors contacted: SpringSource Release mode: Coordinated release 2. Vulnerability Information Class: Cross site...

4.3CVSS6.2AI score0.01268EPSS

Exploits8