- EPSS 4.28%
- Veröffentlicht 14.06.2013 13:07:29
- Zuletzt bearbeitet 29.04.2026 01:13:23
HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors.
CVE-2013-3574
- EPSS 4.91%
- Veröffentlicht 14.06.2013 13:07:29
- Zuletzt bearbeitet 29.04.2026 01:13:23
Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath (aka mount) ...
- EPSS 3.84%
- Veröffentlicht 14.06.2013 13:07:29
- Zuletzt bearbeitet 29.04.2026 01:13:23
hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter.
CVE-2010-4111
- EPSS 1.81%
- Veröffentlicht 22.12.2010 21:00:18
- Zuletzt bearbeitet 16.06.2026 23:24:10
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-3003
- EPSS 4.36%
- Veröffentlicht 10.09.2010 18:00:02
- Zuletzt bearbeitet 16.06.2026 23:21:57
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.0-11 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-3542
- EPSS 3.46%
- Veröffentlicht 02.10.2008 18:18:05
- Zuletzt bearbeitet 16.06.2026 22:56:01
Unspecified vulnerability in HP Insight Diagnostics before 7.9.1.2402 allows remote attackers to read arbitrary files via unknown vectors.