VYPR

Insight Diagnostics

by Microfocus

CVEs (6)

  • CVE-2013-3575Jun 14, 2013
    risk 0.03cvss epss 0.04

    hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter.

  • CVE-2013-3574Jun 14, 2013
    risk 0.03cvss epss 0.05

    Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath (aka mount) parameter.

  • CVE-2010-4111Dec 22, 2010
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2010-3003Sep 10, 2010
    risk 0.03cvss epss 0.04

    Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.0-11 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2013-3573Jun 14, 2013
    risk 0.00cvss epss 0.04

    HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors.

  • CVE-2008-3542Oct 2, 2008
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in HP Insight Diagnostics before 7.9.1.2402 allows remote attackers to read arbitrary files via unknown vectors.