Search Results (Refine Search)
- CPE Product Version: cpe:/a:hp:system_management_homepage:2.1.3.132
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2010-1586 |
Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter. Published: April 28, 2010; 6:30:00 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-4185 |
Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter. Published: February 05, 2010; 5:30:02 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-1418 |
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: May 19, 2009; 3:30:00 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2008-4413 |
Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 and B.11.23, and SMH 2.2.6 and 2.2.8 and earlier on HP-UX B.11.23 and B.11.31, allows local users to gain "unauthorized access" via unknown vectors, possibly related to temporary file permissions. Published: November 04, 2008; 1:29:47 PM -0500 |
V3.x:(not available) V2.0: 6.2 MEDIUM |
CVE-2008-4411 |
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.15.210 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-1663. Published: October 13, 2008; 4:00:02 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2007-4931 |
HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous vulnerabilities for OpenSSL. Published: September 18, 2007; 2:17:00 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2007-3260 |
HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges. Published: June 19, 2007; 2:30:00 PM -0400 |
V3.x:(not available) V2.0: 9.0 HIGH |
CVE-2006-1774 |
HP System Management Homepage (SMH) 2.1.3.132, when running on CompaqHTTPServer/9.9 on Windows, Linux, or Tru64 UNIX, and when "Trust by Certificates" is not enabled, allows remote attackers to bypass authentication via a crafted URL. Published: April 13, 2006; 6:02:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |