Page 3 of 38 results (0.005 seconds)

CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0

Cross-site request forgery (CSRF) vulnerability in the server in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Vulnerabilidad de CSRF en el servidor en HP Service Manager (SM) 7.21 y 9.x anterior a 9.34 permite a atacantes remotos secuestrar la autenticación de victimas no especificadas a través de vectores desconocidos. • http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04388127 http://secunia.com/advisories/60028 http://secunia.com/advisories/60714 http://www.securityfocus.com/bid/69376 http://www.securitytracker.com/id/1030756 https://exchange.xforce.ibmcloud.com/vulnerabilities/95449 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 10.0EPSS: 10%CPEs: 6EXPL: 0

Unspecified vulnerability in the WebTier component in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en el componente WebTier en HP Service Manager (SM) 7.21 y 9.x anterior a 9.34 permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos. • http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04388127 http://secunia.com/advisories/60028 http://secunia.com/advisories/60714 http://www.securityfocus.com/bid/69377 http://www.securitytracker.com/id/1030756 https://exchange.xforce.ibmcloud.com/vulnerabilities/95448 •

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0

Cross-site scripting (XSS) vulnerability in the Mobility Web Client and Service Request Catalog (SRC) components in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en los componentes Mobility Web Client y Service Request Catalog (SRC) en HP Service Manager (SM) 7.21 y 9.x anterior a 9.34 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04388127 http://secunia.com/advisories/60028 http://secunia.com/advisories/60714 http://www.securityfocus.com/bid/69380 http://www.securitytracker.com/id/1030756 https://exchange.xforce.ibmcloud.com/vulnerabilities/95447 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.4EPSS: 1%CPEs: 6EXPL: 0

Unspecified vulnerability in the server in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to bypass intended access restrictions, and modify data or cause a denial of service, via unknown vectors. Vulnerabilidad no especificada en el servidor en HP Service Manager (SM) 7.21 y 9.x anterior a 9.34 permite a atacantes remotos evadir las restricciones de acceso, y modificar datos o causar una denegación de servicio, a través de vectores desconocidos. • http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04388127 http://secunia.com/advisories/60028 http://secunia.com/advisories/60714 http://www.securityfocus.com/bid/69379 http://www.securitytracker.com/id/1030756 https://exchange.xforce.ibmcloud.com/vulnerabilities/95450 •

CVSS: 6.8EPSS: 1%CPEs: 4EXPL: 0

Multiple cross-site request forgery (CSRF) vulnerabilities in HP Service Manager 9.30, 9.31, 9.32, and 9.33 allow remote attackers to hijack the authentication of unspecified victims for requests that (1) insert XSS sequences or (2) execute arbitrary code. Múltiples vulnerabilidades de CSRF en HP Service Manager 9.30, 9.31, 9.32 y 9.33 permiten a atacantes remotos secuestrar la autenticación de victimas no especificadas para solicitudes que (1) insertan secuencias XSS o (2) ejecutan código arbitrario. • http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04117626 http://www.securitytracker.com/id/1029803 • CWE-352: Cross-Site Request Forgery (CSRF) •