Lucene search
K

79 matches found

Positive Technologies
Positive Technologies
added 2013/09/11 12:0 a.m.10 views

PT-2013-5209 · Hewlett Packard +1 · Hp Application Lifecycle Management +3

Name of the Vulnerable Software and Affected Versions: HP Multiple Products versions affected versions not specified HP PCM+ and Application Lifecycle Management affected versions not specified Description: The issue allows for remote code execution. It involves the JBoss Invoker Servlets and...

10CVSS7.5AI score0.79003EPSS
Exploits5References11
Zero Day Initiative
Zero Day Initiative
added 2013/09/11 12:0 a.m.67 views

HP PCM+ and Application Lifecycle Management JBoss Invoker Servlets Marshalled Object Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP PCM Plus and Application Lifecycle Management. Authentication is not required to exploit this vulnerability. The specific flaw exists within the exposed EJBInvokerServlet and JMXInvokerServlet. ...

10CVSS5AI score0.79003EPSS
Exploits5References2
Prion
Prion
added 2013/07/29 1:59 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in HP Application Lifecycle Management ALM Quality Center before 11.51 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka ZDI-CAN-1565...

4.3CVSS6.1AI score0.02105EPSS
Exploits0References6Affected Software1
securityvulns
securityvulns
added 2013/07/29 12:0 a.m.58 views

[security bulletin] HPSBGN02906 rev.1 - HP Application Lifecycle Management Quality Center (ALM), Remote Cross Site Scripting (XSS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03864640 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03864640 Version: 1 HPSBGN02906 rev....

4.3CVSS0.02105EPSS
Exploits0
securityvulns
securityvulns
added 2013/07/29 12:0 a.m.34 views

HP Application Lifecycle Management crossite scripting

HP Application Lifecycle Management Quality Center crossite scripting...

4.3CVSS1.1AI score0.02105EPSS
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2012/10/10 12:0 a.m.24 views

HP Application Lifecycle Management - 'XGO.ocx' ActiveX 'SetShapeNodeType()' Remote Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...

7AI score
Exploits0
Saint
Saint
added 2012/10/09 12:0 a.m.36 views

HP Application Lifecycle Management ActiveX Control Arbitrary File Overwrite

Added: 10/09/2012 BID: 55272 OSVDB: 85059 Background HP Application Lifecycle Management ALM is a software product designed to manage the application lifecycle from requirements through readiness for delivery from a single repository, providing a consistent user experience and customizable...

7.6AI score
Exploits0
Saint
Saint
added 2012/10/09 12:0 a.m.28 views

HP Application Lifecycle Management ActiveX Control Arbitrary File Overwrite

Added: 10/09/2012 BID: 55272 OSVDB: 85059 Background HP Application Lifecycle Management ALM is a software product designed to manage the application lifecycle from requirements through readiness for delivery from a single repository, providing a consistent user experience and customizable...

0.1AI score
Exploits0
Saint
Saint
added 2012/10/09 12:0 a.m.41 views

HP Application Lifecycle Management ActiveX Control Arbitrary File Overwrite

Added: 10/09/2012 BID: 55272 OSVDB: 85059 Background HP Application Lifecycle Management ALM is a software product designed to manage the application lifecycle from requirements through readiness for delivery from a single repository, providing a consistent user experience and customizable...

0.1AI score
Exploits0
0day.today
0day.today
added 2012/10/09 12:0 a.m.15 views

HP Application Lifecycle Management XGO.ocx ActiveX SetShapeNodeType() Remote Code Execution

Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

6.7AI score
Exploits0
Saint
Saint
added 2012/10/09 12:0 a.m.23 views

HP Application Lifecycle Management ActiveX Control Arbitrary File Overwrite

Added: 10/09/2012 BID: 55272 OSVDB: 85059 Background HP Application Lifecycle Management ALM is a software product designed to manage the application lifecycle from requirements through readiness for delivery from a single repository, providing a consistent user experience and customizable...

7.6AI score
Exploits0
0day.today
0day.today
added 2012/09/25 12:0 a.m.31 views

HP ALM Remote Code Execution

Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

6.7AI score
Exploits0
Metasploit
Metasploit
added 2012/09/24 8:0 a.m.11 views

HP Application Lifecycle Management XGO.ocx ActiveX SetShapeNodeType() Remote Code Execution

This module exploits a vulnerability within the XGO.ocx ActiveX Control installed with the HP Application Lifecycle Manager Client. The vulnerability exists in the SetShapeNodeType method, which allows the user to specify memory that will be used as an object, through the node parameter. It allow...

10AI score
Exploits0
Saint
Saint
added 2012/09/13 12:0 a.m.33 views

HP Application Lifecycle Management XGO.ocx ActiveX SetShapeNodeType Method Vulnerability

Added: 09/13/2012 BID: 55272 OSVDB: 85152 Background HP Application Lifecycle Management ALM is a software product designed to manage the application lifecycle from requirements through readiness for delivery from a single repository, providing a consistent user experience and customizable...

7.6AI score
Exploits0
Saint
Saint
added 2012/09/13 12:0 a.m.41 views

HP Application Lifecycle Management XGO.ocx ActiveX SetShapeNodeType Method Vulnerability

Added: 09/13/2012 BID: 55272 OSVDB: 85152 Background HP Application Lifecycle Management ALM is a software product designed to manage the application lifecycle from requirements through readiness for delivery from a single repository, providing a consistent user experience and customizable...

7.6AI score
Exploits0
Saint
Saint
added 2012/09/13 12:0 a.m.27 views

HP Application Lifecycle Management XGO.ocx ActiveX SetShapeNodeType Method Vulnerability

Added: 09/13/2012 BID: 55272 OSVDB: 85152 Background HP Application Lifecycle Management ALM is a software product designed to manage the application lifecycle from requirements through readiness for delivery from a single repository, providing a consistent user experience and customizable...

7.6AI score
Exploits0
Saint
Saint
added 2012/09/13 12:0 a.m.21 views

HP Application Lifecycle Management XGO.ocx ActiveX SetShapeNodeType Method Vulnerability

Added: 09/13/2012 BID: 55272 OSVDB: 85152 Background HP Application Lifecycle Management ALM is a software product designed to manage the application lifecycle from requirements through readiness for delivery from a single repository, providing a consistent user experience and customizable...

7.6AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2012/08/29 12:0 a.m.19 views

(0Day) HP Application Lifecycle Management XGO.ocx ActiveX Control Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Application Lifecycle Management. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fl...

7.5CVSS7.5AI score
Exploits0References1
ThreatPost
ThreatPost
added 2011/03/24 3:58 p.m.14 views

The Challenge of Starting an Application Security Program

Since organizations started opening their internal applications to the Web, a little more than a decade ago, it became clear that the security of those connected applications would be more complex – and critical to get right – than before. Unfortunately, through complacency, perhaps a feeling tha...

7.1AI score
Exploits0
Rows per page
Query Builder