- EPSS 1.11%
- Published 14.06.2013 13:07:29
- Last modified 11.04.2025 00:51:21
HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors.
CVE-2013-3574
- EPSS 22.11%
- Published 14.06.2013 13:07:29
- Last modified 11.04.2025 00:51:21
Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath (aka mount) ...
- EPSS 24.03%
- Published 14.06.2013 13:07:29
- Last modified 11.04.2025 00:51:21
hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter.
CVE-2010-4111
- EPSS 0.48%
- Published 22.12.2010 21:00:18
- Last modified 11.04.2025 00:51:21
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-3003
- EPSS 0.57%
- Published 10.09.2010 18:00:02
- Last modified 11.04.2025 00:51:21
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.0-11 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-3542
- EPSS 1.97%
- Published 02.10.2008 18:18:05
- Last modified 09.04.2025 00:30:58
Unspecified vulnerability in HP Insight Diagnostics before 7.9.1.2402 allows remote attackers to read arbitrary files via unknown vectors.