CVSS: 9.0EPSS: 0%CPEs: 13EXPL: 0CVE-2019-11646
https://notcve.org/view.php?id=CVE-2019-11646
Remote unauthorized command execution and unauthorized disclosure of information in Micro Focus Service Manager, versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61. This vulnerability could allow Remote unauthorized command execution and unauthorized disclosure of information. Ejecución remota de comandos no autorizados y divulgación no autorizada de información en Micro Focus Service Manager, versiones 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61. Esta vulnerabilidad podría permitir la ejecución remota de comandos no autorizados y la divulgación no autorizada de información. • https://softwaresupport.softwaregrp.com/doc/KM03452977 •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2018-18591 – MFSBGN03823 rev.1 - Micro Focus Service Manager, unauthorized disclosure of data
https://notcve.org/view.php?id=CVE-2018-18591
A potential unauthorized disclosure of data vulnerability has been identified in Micro Focus Service Manager versions: 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51. The vulnerability could be exploited to release unauthorized disclosure of data. Se ha identificado una potencial divulgación de datos en Micro Focus Service Manager en versiones 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50 y 9.51. La vulnerabilidad podría ser explotada para divulgar datos de forma no autorizada. • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286176 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.4EPSS: 0%CPEs: 10EXPL: 0CVE-2018-6494 – MFSBGN03807 rev.1 - HP Service Manager Software, Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2018-6494
Remote SQL Injection against the HP Service Manager Software Web Tier, version 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, may lead to unauthorized disclosure of data. Vulnerabilidad de inyección SQL en Dolibarr en versiones anteriores a la 7.0.2 permite que atacantes remotos ejecuten comandos SQL arbitrarios mediante el parámetro sortfield en /accountancy/admin/accountmodel.php, /accountancy/admin/categories_list.php, /accountancy/admin/journals_list.php, /admin/dict.php, /admin/mails_templates.php o /admin/website.php. • http://www.securityfocus.com/bid/104141 http://www.securitytracker.com/id/1040902 https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158656 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •