CVSS: 4.9EPSS: 0%CPEs: 37EXPL: 0CVE-2012-2006
https://notcve.org/view.php?id=CVE-2012-2006
Unspecified vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to modify data or cause a denial of service via unknown vectors. Vulnerabilidad no especificada en HP Insight Management Agents antes de v9.0.0.0 en Windows Server 2003 y 2008 permite a atacantes remotos modificar los datos o causar una denegación de servicio a través de vectores desconocidos. • http://osvdb.org/81669 http://secunia.com/advisories/49054 http://www.securityfocus.com/archive/1/522548 http://www.securityfocus.com/bid/53341 http://www.securitytracker.com/id?1027003 https://exchange.xforce.ibmcloud.com/vulnerabilities/75315 •
CVSS: 8.3EPSS: 1%CPEs: 37EXPL: 0CVE-2012-2004
https://notcve.org/view.php?id=CVE-2012-2004
Open redirect vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. Vulnerabilidad de redirección abierta en HP Insight Management Agents antes de v9.0.0.0 en Windows Server 2003 y 2008 permite a atacantes remotos redirigir a los usuarios a sitios web de su elección y llevar a cabo ataques de phishing a través de vectores no especificados. • http://osvdb.org/81667 http://secunia.com/advisories/49054 http://www.securityfocus.com/archive/1/522548 http://www.securityfocus.com/bid/53341 http://www.securitytracker.com/id?1027003 https://exchange.xforce.ibmcloud.com/vulnerabilities/75313 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 37EXPL: 0CVE-2012-2005
https://notcve.org/view.php?id=CVE-2012-2005
Cross-site scripting (XSS) vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en HP Insight Management Agents antes de v9.0.0.0 en Windows Server 2003 y 2008 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores desconocidos. • http://osvdb.org/81668 http://secunia.com/advisories/49054 http://www.securityfocus.com/archive/1/522548 http://www.securityfocus.com/bid/53341 http://www.securitytracker.com/id?1027003 https://exchange.xforce.ibmcloud.com/vulnerabilities/75314 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 37EXPL: 0CVE-2012-2003
https://notcve.org/view.php?id=CVE-2012-2003
Cross-site request forgery (CSRF) vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Vulnerabilidad de falsificación de peticiones en sitios cruzados (CSRF) en HP Insight Management Agents antes de v9.0.0.0 en Windows Server 2003 y 2008 permite a atacantes remotos secuestrar la autenticación de víctimas no especificadas a través de vectores desconocidos. • http://osvdb.org/81666 http://secunia.com/advisories/49054 http://www.securityfocus.com/archive/1/522548 http://www.securityfocus.com/bid/53341 http://www.securitytracker.com/id?1027003 https://exchange.xforce.ibmcloud.com/vulnerabilities/75312 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.0EPSS: 0%CPEs: 30EXPL: 0CVE-2010-4112 – HP System Management Homepage Cross Site Scripting
https://notcve.org/view.php?id=CVE-2010-4112
HP Insight Management Agents before 8.6 allows remote attackers to obtain sensitive information via an unspecified request that triggers disclosure of the full path. HP Insight Management Agents before v8.6 permite a atacantes remotos obtener información sensible a través de peticiones no especificadas que provocan vulnerabilidad de ruta llena. HP System Management Homepage suffers from multiple cross site scripting vulnerabilities. • http://marc.info/?l=bugtraq&m=129244833127572&w=2 http://secunia.com/advisories/42603 http://www.securityfocus.com/bid/45423 http://www.securitytracker.com/id?1024898 http://www.vupen.com/english/advisories/2010/3248 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •