CVSS: 6.1EPSS: 1%CPEs: 19EXPL: 0CVE-2010-1036
https://notcve.org/view.php?id=CVE-2010-1036
28 Apr 2010 — Cross-site scripting (XSS) vulnerability in HP System Insight Manager before 6.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en HP System Insight Manager anterior v6.0 permite a atacantes remotos iyectar código web o HTML de su elección a través de vectores no especificados. • http://marc.info/?l=bugtraq&m=127239985506823&w=2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 19EXPL: 0CVE-2010-1037
https://notcve.org/view.php?id=CVE-2010-1037
28 Apr 2010 — Cross-site request forgery (CSRF) vulnerability in HP System Insight Manager before 6.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) en HP System Insight Manager anterior a v6.0 permite a atacantes remotos secuestrar la autenticación de victimas sin especificar a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=127239985506823&w=2 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 19EXPL: 0CVE-2010-1038
https://notcve.org/view.php?id=CVE-2010-1038
28 Apr 2010 — Unspecified vulnerability in HP System Insight Manager before 6.0 allows remote authenticated users to gain privileges via unknown vectors. Vulnerabilidad no especificada en HP System Insight Manager anterior v6.0 permite a usuarios autenticados remotamente obtener privilegios a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=127239985506823&w=2 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2009-0713
https://notcve.org/view.php?id=CVE-2009-0713
11 Mar 2009 — Unspecified vulnerability in WMI Mapper for HP Systems Insight Manager before 2.5.2.0 allows remote attackers to obtain sensitive information via unknown vectors. Vulnerabilidad sin especificar en WMI Mapper para HP Systems Insight Manager anteriores a v2.5.2.0, permite a atacantes remotos obtener información sensible a través de vectores de ataque desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01655638 •
CVSS: 7.5EPSS: 1%CPEs: 17EXPL: 0CVE-2008-4412
https://notcve.org/view.php?id=CVE-2008-4412
17 Oct 2008 — Unspecified vulnerability in HP Systems Insight Manager (SIM) before 5.2 Update 2 (C.05.02.02.00) allows remote attackers to obtain sensitive information via unspecified vectors. Vulnerabilidad no especificada en HP Systems Insight Manager (SIM) anterior a v5.2 Update 2 (C.05.02.02.00) permite a atacantes remotos obtener información sensible mediante vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01571962 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 2%CPEs: 3EXPL: 0CVE-2007-2719
https://notcve.org/view.php?id=CVE-2007-2719
16 May 2007 — Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows remote attackers to hijack web sessions by setting the JSESSIONID cookie. Vulnerabilidad de fijación de sesión en HP Systems Insight Manager (SIM) 4.2 y 5.0 SP4 y SP5 permite a atacantes remotos secuestrar sesiones web al establecer la cookie JSESSIONID. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01049713 • CWE-287: Improper Authentication •
CVSS: 9.1EPSS: 3%CPEs: 7EXPL: 0CVE-2006-0656
https://notcve.org/view.php?id=CVE-2006-0656
13 Feb 2006 — Directory traversal vulnerability in HP Systems Insight Manager 4.2 through 5.0 SP3 for Windows allows remote attackers to access arbitrary files via unspecified vectors, a different vulnerability than CVE-2005-2006. • http://secunia.com/advisories/18789 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2005-3983
https://notcve.org/view.php?id=CVE-2005-3983
04 Dec 2005 — Unknown vulnerability in the login page for HP Systems Insight Manager (SIM) 4.0 and 4.1, when accessed by Microsoft Internet Explorer with the MS04-025 patch, leads to a denial of service (browser hang). NOTE: although the advisory is vague, this issue does not appear to involve an attacker at all. If not, then this issue is not a vulnerability. • http://www.securityfocus.com/archive/1/418280/100/0/threaded •