VYPR

Service Center Server

by Microfocus

CVEs (9)

  • CVE-2026-9493MedMay 29, 2026
    risk 0.42cvss 6.5epss 0.00

    Service Center developed by BankPro E-Service Technology has an Insecure Direct Object Reference vulnerability, allowing authenticated remote attackers to modify the parameter of a specific query function to access other users' EC order details.

  • CVE-2025-34395Dec 10, 2025
    risk 0.00cvss epss 0.01

    Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service in which an unauthenticated attacker can invoke a method vulnerable to path traversal to read arbitrary files. This vulnerability can be escalated to…

  • CVE-2025-34394Dec 10, 2025
    risk 0.00cvss epss 0.01

    Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service that is insufficiently protected against deserialization of arbitrary types. This can lead to remote code execution.

  • CVE-2025-34393Dec 10, 2025
    risk 0.00cvss epss 0.01

    Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not correctly verify the name of an attacker-controlled WSDL service, leading to insecure reflection. This can result in remote code execution through either invocation of arbitrary…

  • CVE-2025-34392Dec 10, 2025
    risk 0.00cvss epss 0.22

    Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not verify the URL defined in an attacker-controlled WSDL that is later loaded by the application. This can lead to arbitrary file write and remote code execution via webshell…

  • CVE-2012-3250Aug 16, 2012
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Service Manager Server 7.11, 9.21, and 9.30, and HP Service Center Server 6.28, allows remote attackers to cause a denial of service via unknown vectors.

  • CVE-2011-1862Jun 14, 2011
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2011-1861Jun 14, 2011
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to modify data or obtain sensitive information via unknown vectors.

  • CVE-2011-1860Jun 14, 2011
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to capture HTTP session credentials via unknown vectors.