CVE-2012-3256
https://notcve.org/view.php?id=CVE-2012-3256
Cross-site request forgery (CSRF) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Múltiples vulnerabilidades de falsificación de petición en sitios cruzados (CSRF) en HP Business Availability Center (BAC) v8.07, permite a atacantes remotos secuestrar la autenticación de víctimas no especificadas a través de vectores desconocidos (1). • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03475750 http://osvdb.org/85251 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2012-3255
https://notcve.org/view.php?id=CVE-2012-3255
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en HP Business Availability Center (BAC) v8.07 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03475750 http://osvdb.org/85250 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2012-3257
https://notcve.org/view.php?id=CVE-2012-3257
HP Business Availability Center (BAC) 8.07 allows remote authenticated users to hijack web sessions via unspecified vectors. HP Business Availability Center (BAC) v8.07 permite a usuarios remotos autenticados a secuestrar sesiones a través de vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03475750 http://osvdb.org/85252 •
CVE-2012-0132
https://notcve.org/view.php?id=CVE-2012-0132
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 9.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en el HP Business Availability Center (BAC) v9.01 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://secunia.com/advisories/48677 http://www.securityfocus.com/archive/1/522204 http://www.securityfocus.com/bid/52880 https://exchange.xforce.ibmcloud.com/vulnerabilities/74640 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2011-1856
https://notcve.org/view.php?id=CVE-2011-1856
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.06 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en HP Business Availability Center(BAC) v8.06 y anteriores, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través vectores no especificados. • http://secunia.com/advisories/44569 http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02823184 http://www.securitytracker.com/id?1025535 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •