18 matches found
EUVD-2014-2643
Malware in sbrugna...
EUVD-2014-2642
Malware in sbrugna...
CVE-2014-2610
Directory traversal vulnerability in the Content Acceleration Pack CAP web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code by uploading an executable file, aka ZDI-CAN-2117...
CVE-2014-2611
Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120...
Directory traversal
Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120...
CVE-2014-2611
Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120...
CVE-2014-2610
Directory traversal vulnerability in the Content Acceleration Pack CAP web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code by uploading an executable file, aka ZDI-CAN-2117...
CVE-2014-2609
The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote attackers to execute arbitrary code via a session on TCP port 10001, aka ZDI-CAN-2116...
Authentication flaw
The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote attackers to execute arbitrary code via a session on TCP port 10001, aka ZDI-CAN-2116...
CVE-2014-2610
CVE-2014-2610 affects HP Executive Scorecard (CAP) in versions 9.40 and 9.41. The underlying issue is a directory-traversal flaw in the Content Acceleration Pack web application that allows an authenticated user to upload an executable file, enabling remote code execution. The ZDI advisory confir...
CVE-2014-2609
The CVE affects HP Executive Scorecard (v9.40 and v9.41) where the Java Glassfish Admin Console allows unauthenticated remote code execution via a session on TCP port 10001. Root cause: authentication bypass on the Glassfish admin interface leading to arbitrary code execution under SYSTEM. Impact...
CVE-2014-2611
CVE-2014-2611 is a directory traversal vulnerability in HP Enterprise Scorecard’s fndwar web application (affecting HP Executive Scorecard v9.40 and v9.41). The flaw can allow a remote attacker to execute arbitrary code, or disclose/delete data, with the attack requiring authentication per ZDI-14...
CVE-2014-2610
Directory traversal vulnerability in the Content Acceleration Pack CAP web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code by uploading an executable file, aka ZDI-CAN-2117...
CVE-2014-2609
The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote attackers to execute arbitrary code via a session on TCP port 10001, aka ZDI-CAN-2116...
CVE-2014-2611
Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120...
HP Software Executive Scorecard security vulnerabilities
Directory traversal, code execution...
Hewlett-Packard IT Executive Scorecard CAP File Upload Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard IT Executive Scorecard. Authentication is required to exploit this vulnerability. The specific flaw exists within the Content Acceleration Pack web application code. A file upload...
Hewlett-Packard IT Executive Scorecard fndwar Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard IT Executive Scorecard. Authentication is required to exploit this vulnerability. The specific flaw exists within the fndwar web application. A directory traversal vulnerability can...