CVE-2013-4809
- EPSS 3.3%
- Veröffentlicht 16.09.2013 13:01:46
- Zuletzt bearbeitet 29.04.2026 01:13:23
Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parame...
- EPSS 79%
- Veröffentlicht 16.09.2013 13:01:46
- Zuletzt bearbeitet 21.04.2026 19:12:54
HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServ...
- EPSS 71.29%
- Veröffentlicht 16.09.2013 13:01:46
- Zuletzt bearbeitet 29.04.2026 01:13:23
UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the adCert argument, which allows remote attackers to upload ...
- EPSS 51.9%
- Veröffentlicht 16.09.2013 13:01:46
- Zuletzt bearbeitet 29.04.2026 01:13:23
UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the fileName argument, which allows remote attackers to upload .j...
- EPSS 8.51%
- Veröffentlicht 16.09.2013 13:01:46
- Zuletzt bearbeitet 29.04.2026 01:13:23
The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a HEAD request, aka ZDI-CAN-1745.
- EPSS 2.43%
- Veröffentlicht 15.04.2009 10:30:00
- Zuletzt bearbeitet 16.06.2026 22:44:14
Unspecified vulnerability in HP ProCurve Manager and HP ProCurve Manager Plus 2.3 and earlier allows remote attackers to obtain sensitive information from the ProCurve Manager server via unknown attack vectors.