Page 9 of 44 results (0.008 seconds)

CVSS: 6.8EPSS: 0%CPEs: 19EXPL: 0

Cross-site request forgery (CSRF) vulnerability in HP System Insight Manager before 6.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) en HP System Insight Manager anterior a v6.0 permite a atacantes remotos secuestrar la autenticación de victimas sin especificar a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=127239985506823&w=2 http://secunia.com/advisories/39645 http://securitytracker.com/id?1023927 http://www.securityfocus.com/bid/39736 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 5.0EPSS: 0%CPEs: 17EXPL: 0

Unspecified vulnerability in HP Systems Insight Manager (SIM) before 5.2 Update 2 (C.05.02.02.00) allows remote attackers to obtain sensitive information via unspecified vectors. Vulnerabilidad no especificada en HP Systems Insight Manager (SIM) anterior a v5.2 Update 2 (C.05.02.02.00) permite a atacantes remotos obtener información sensible mediante vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01571962 http://secunia.com/advisories/32287 http://www.securityfocus.com/bid/31777 http://www.securitytracker.com/id?1021064 http://www.vupen.com/english/advisories/2008/2836 https://exchange.xforce.ibmcloud.com/vulnerabilities/45916 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 10.0EPSS: 2%CPEs: 3EXPL: 0

Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows remote attackers to hijack web sessions by setting the JSESSIONID cookie. Vulnerabilidad de fijación de sesión en HP Systems Insight Manager (SIM) 4.2 y 5.0 SP4 y SP5 permite a atacantes remotos secuestrar sesiones web al establecer la cookie JSESSIONID. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01049713 http://osvdb.org/36061 http://secunia.com/advisories/25275 http://www.acrossecurity.com/aspr/ASPR-2007-05-14-1-PUB.txt http://www.securityfocus.com/archive/1/468974/100/0/threaded http://www.securityfocus.com/bid/23988 http://www.securitytracker.com/id?1018062 http://www.vupen.com/english/advisories/2007/1823 https://exchange.xforce.ibmcloud.com/vulnerabilities/34303 • CWE-287: Improper Authentication •

CVSS: 5.0EPSS: 1%CPEs: 7EXPL: 0

Directory traversal vulnerability in HP Systems Insight Manager 4.2 through 5.0 SP3 for Windows allows remote attackers to access arbitrary files via unspecified vectors, a different vulnerability than CVE-2005-2006. • http://secunia.com/advisories/18789 http://securitytracker.com/id?1015605 http://www.securityfocus.com/bid/16571 http://www.vupen.com/english/advisories/2006/0497 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00597967 •