59 matches found
EUVD-2013-3507
Malware in sbrugna...
EUVD-2010-4087
Malware in sbrugna...
EUVD-2008-3528
Malware in sbrugna...
EUVD-2010-3005
Malware in sbrugna...
CVE-2013-3573
HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors...
CVE-2010-3003
Cross-site scripting XSS vulnerability in HP Insight Diagnostics Online Edition before 8.5.0-11 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-3575
hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter...
CVE-2013-3574
Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath aka mount parameter...
HP Insight Diagnostics Online Edition Cross-Site Scripting (CVE-2010-4111)
A script injection vulnerability exists in HP Insight Diagnostics. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
CVE-2013-3575
hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter...
CVE-2013-3573
HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors...
Hardcoded credentials
hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter...
Design/Logic Flaw
HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors...
Path traversal
Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath aka mount parameter...
CVE-2013-3575
CVE-2013-3575 affects HP Insight Diagnostics 9.4.0.4710; hpdiags/frontend2/help/pageview.php does not properly restrict PHP include/require, enabling an attacker to pull in arbitrary files under hpdiags/frontend2/help/ via the path parameter (remote inclusion). The Red Hat/NVD entries corroborate...
CVE-2013-3575
hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter...
CVE-2013-3574
CVE-2013-3574 is a path traversal vulnerability in HP Insight Diagnostics (hpdiags/frontend2/commands/saveCompareConfig.php) affecting version 9.4.0.4710. The root cause is improper handling of the devicePath parameter, enabling remote attackers to write data to arbitrary files by supplying a ful...
CVE-2013-3573
HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors...
CVE-2013-3574
Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath aka mount parameter...
HP Insight Diagnostics 8.20 b2878 multiple vulnerabilities
HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors. Recent assessments: wchen-r7 at September 12, 2019 6:07pm UTC reported: Environment: Tested on both windows and linux x32 platforms. The installation requires HP Insight...