17 matches found
CVE-2010-0452
Multiple cross-site scripting XSS vulnerabilities in HP Project and Portfolio Management Center PPMC, formerly Mercury IT Governance 7.1 through SP10 and 7.5 through SP3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
EUVD-2018-18245
Malware in sbrugna...
EUVD-2017-17933
Malware in sbrugna...
EUVD-2010-0483
Malware in sbrugna...
XXE Zeroday Vulnerability in HP PPM
Intro: XXE Zeroday Vulnerability in HP PPM Researchers at Rhino Security Labs discovered an XXE vulnerability in the way HP Project and Portfolio Management Center HP PPM processed imported tickets. Specifically, an XML external entity injection vulnerability allows an attacker to exploit the...
CVE-2018-6489
XML External Entity XXE vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability can be exploited to allow XML External Entity XXE...
CVE-2018-6489
CVE-2018-6489 is an XML External Entity (XXE) injection in Micro Focus Project and Portfolio Management Center, version 9.32. The root cause is XXE processing in the affected XML handling, enabling attacker-controlled entity parsing that could lead to information disclosure, with CVSS3 base score...
CVE-2017-8993
CVE-2017-8993 is a remote Cross-Site Scripting vulnerability in Hewlett Packard Enterprise (HPE) Project and Portfolio Management Center (PPM). Affected are HPE PPM versions v9.30, v9.31, v9.32 and v9.40. The root cause reported across sources is inadequate input filtering of user-supplied data, ...
Design/Logic Flaw
Man-In-The-Middle vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability could be exploited to allow a Man-in-the-middle attack...
CVE-2017-14361
CVE-2017-14361 affects Micro Focus Project and Portfolio Management Center, version 9.32. It is a Man-In-The-Middle vulnerability that could be exploited by a remote attacker to perform an MITM attack. NVD lists CVSS‑3.0 base score 7.4 (HIGH) with AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N; CVSS‑2.0 bas...
CVE-2017-14361 MFSBGN03793 rev.1 - Project and Portfolio Management Center, Multiple vulnerabilities
Man-In-The-Middle vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability could be exploited to allow a Man-in-the-middle attack...
CVE-2017-14362 MFSBGN03793 rev.1 - Project and Portfolio Management Center, Multiple vulnerabilities
Cross-Site Request Forgery vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability could be exploited to allow a Cross-Site Forgery attack...
CVE-2017-14362
Micro Focus Project and Portfolio Management Center (PPM Center) version 9.32 is affected by a Cross-Site Request Forgery (CSRF) vulnerability. The CVE-2017-14362 entry is supported by multiple connected sources, including CNVD-2018-00547, which states that a remote attacker could exploit this vu...
CVE-2016-4370
HPE Project and Portfolio Management Center PPM 9.2x and 9.3x before 9.32.0002 allows remote authenticated users to execute arbitrary commands or obtain sensitive information via unspecified vectors...
CVE-2010-0452
Multiple cross-site scripting XSS vulnerabilities in HP Project and Portfolio Management Center PPMC, formerly Mercury IT Governance 7.1 through SP10 and 7.5 through SP3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-0452
CVE-2010-0452 concerns multiple cross-site scripting (XSS) vulnerabilities in HP Project and Portfolio Management Center (PPMC), affecting HP/Mercury IT Governance releases 7.1 SP10 and 7.5 SP3 and earlier. The Red Hat/HP security bulletins and CVE records describe remote XSS via unspecified vect...
[security bulletin] HPSBMA02436 SSRT080064 rev.1 - HP Project and Portfolio Management Center (PPMC), Remote Cross Site Scripting (XSS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01762443 Version: 1 HPSBMA02436 SSRT080064 rev.1 - HP Project and Portfolio Management Center PPMC, Remote Cross Site Scripting XSS NOTICE: The information in this Security Bulletin should be act...