59 matches found
EUVD-2013-3507
Malware in sbrugna...
EUVD-2010-3005
Malware in sbrugna...
EUVD-2008-3528
Malware in sbrugna...
EUVD-2010-4087
Malware in sbrugna...
CVE-2013-3573
HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors...
CVE-2010-3003
Cross-site scripting XSS vulnerability in HP Insight Diagnostics Online Edition before 8.5.0-11 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-3575
hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter...
CVE-2013-3574
Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath aka mount parameter...
HP Insight Diagnostics Online Edition Cross-Site Scripting (CVE-2010-4111)
A script injection vulnerability exists in HP Insight Diagnostics. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
CVE-2013-3575
hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter...
CVE-2013-3573
HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors...
Path traversal
Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath aka mount parameter...
Hardcoded credentials
hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter...
Design/Logic Flaw
HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors...
CVE-2013-3573
HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors...
CVE-2013-3574
Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath aka mount parameter...
CVE-2013-3574
CVE-2013-3574 is a path traversal vulnerability in HP Insight Diagnostics (hpdiags/frontend2/commands/saveCompareConfig.php) affecting version 9.4.0.4710. The root cause is improper handling of the devicePath parameter, enabling remote attackers to write data to arbitrary files by supplying a ful...
CVE-2013-3575
CVE-2013-3575 affects HP Insight Diagnostics 9.4.0.4710; hpdiags/frontend2/help/pageview.php does not properly restrict PHP include/require, enabling an attacker to pull in arbitrary files under hpdiags/frontend2/help/ via the path parameter (remote inclusion). The Red Hat/NVD entries corroborate...
CVE-2013-3575
hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter...
KLA10188 Multiple vulnerabilities in HP Insight Diagnostics
Multiple critical vulnerabilities have been found in HP Insight Diagnostics. Malicious users can exploit these vulnerabilities to inject code or write local files. Below is a complete list of vulnerabilities 1. Improper PHP include restrictions can be exploited via a path parameter; 2. A path...