CVE-2011-2410
- EPSS 0.62%
- Veröffentlicht 19.08.2011 17:55:00
- Zuletzt bearbeitet 11.04.2025 00:51:21
Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-2406
- EPSS 0.22%
- Veröffentlicht 11.08.2011 22:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-2407
- EPSS 2.05%
- Veröffentlicht 11.08.2011 22:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
Unspecified vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to obtain access via unknown vectors.
- EPSS 85.73%
- Veröffentlicht 02.02.2011 01:00:06
- Zuletzt bearbeitet 11.04.2025 00:51:21
HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.s...
- EPSS 6.2%
- Veröffentlicht 10.03.2010 22:30:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JS...