CVSS: 8.3EPSS: 1%CPEs: 6EXPL: 0CVE-2011-2401
https://notcve.org/view.php?id=CVE-2011-2401
Session fixation vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers to hijack web sessions via unspecified vectors. Una vulnerabilidad de fijación de sesión en HP SiteScope v9.x, v10.x y v11.x permite a atacantes remotos secuestrar sesiones web a través de vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02940969 http://osvdb.org/74114 http://secunia.com/advisories/45440 http://securitytracker.com/id?1025856 http://www.securityfocus.com/bid/48916 https://exchange.xforce.ibmcloud.com/vulnerabilities/68868 •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2011-2400
https://notcve.org/view.php?id=CVE-2011-2400
Cross-site scripting (XSS) vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de comandos en sitios cruzados en HP SiteScope v9.x, v10.x y v11.x permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02940969 http://osvdb.org/74113 http://secunia.com/advisories/45440 http://securitytracker.com/id?1025856 http://www.securityfocus.com/bid/48913 https://exchange.xforce.ibmcloud.com/vulnerabilities/68867 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2007-4350
https://notcve.org/view.php?id=CVE-2007-4350
Cross-site scripting (XSS) vulnerability in the management interface in HP SiteScope 9.0 build 911 allows remote attackers to inject arbitrary web script or HTML via an SNMP trap message. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la interfaz de gestión de HP SiteScope 9.0 build 911 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de un mensaje trampa SNMP. • http://secunia.com/advisories/27126 http://secunia.com/secunia_research/2007-84 http://securityreason.com/securityalert/4447 http://securitytracker.com/id?1021068 http://www.securityfocus.com/archive/1/497548/100/0/threaded http://www.securityfocus.com/bid/31816 http://www.vupen.com/english/advisories/2008/2854 https://exchange.xforce.ibmcloud.com/vulnerabilities/45958 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •