Skip to main content

Service Center

6 CVEs product

Monthly

CVE-2026-9493 HIGH This Week

Authorization bypass in BankPro E-Service Technology's Service Center application allows authenticated remote attackers to read other users' electronic commerce order details by tampering with an object identifier parameter in a query function. The CVSS 4.0 vector (AV:N/PR:L/VC:H) reflects a high-confidentiality impact over the network with low privileges and no user interaction, and there is no public exploit identified at time of analysis. The flaw is an Insecure Direct Object Reference (IDOR) reported by TWCERT, affecting financial/EC order data that is typically subject to privacy and PCI-DSS scrutiny.

Authentication Bypass Service Center
NVD VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2013-4844 HIGH PATCH This Week

Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, 9.31, and 9.32, and ServiceCenter 6.2.8, allows remote attackers to execute arbitrary code via unknown vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

HP RCE Service Manager Service Center
NVD
CVSS 2.0
7.5
EPSS
6.4%
CVE-2013-4808 CRITICAL Act Now

Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31 and Service Center 6.2.8 allows remote attackers to obtain privileged access via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Service Center Service Manager
NVD
CVSS 2.0
10.0
EPSS
4.2%
CVE-2013-2337 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Service Manager Service Center
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2013-2336 MEDIUM This Month

HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Service Manager Service Center
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2012-5214 HIGH This Week

Unspecified vulnerability in HP ServiceCenter 6.2.8 before 6.2.8.10 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Service Center
NVD
CVSS 2.0
7.5
EPSS
1.1%
EPSS 0% CVSS 7.1
HIGH This Week

Authorization bypass in BankPro E-Service Technology's Service Center application allows authenticated remote attackers to read other users' electronic commerce order details by tampering with an object identifier parameter in a query function. The CVSS 4.0 vector (AV:N/PR:L/VC:H) reflects a high-confidentiality impact over the network with low privileges and no user interaction, and there is no public exploit identified at time of analysis. The flaw is an Insecure Direct Object Reference (IDOR) reported by TWCERT, affecting financial/EC order data that is typically subject to privacy and PCI-DSS scrutiny.

Authentication Bypass Service Center
NVD VulDB
EPSS 6% CVSS 7.5
HIGH PATCH This Week

Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, 9.31, and 9.32, and ServiceCenter 6.2.8, allows remote attackers to execute arbitrary code via unknown vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

HP RCE Service Manager +1
NVD
EPSS 4% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31 and Service Center 6.2.8 allows remote attackers to obtain privileged access via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Service Center +1
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Service Manager +1
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Service Manager +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Unspecified vulnerability in HP ServiceCenter 6.2.8 before 6.2.8.10 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Service Center
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy