CVE-2013-2361
https://notcve.org/view.php?id=CVE-2013-2361
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en HP System Management Homepage (SMH) anterior a 7.2.1, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a través de vectores desconocidos. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-2355
https://notcve.org/view.php?id=CVE-2013-2355
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2012-5217. HP System Management Homepage (SMH) anterior a 7.2.1, permite a atacantes remotos evitar las restricciones de acceso establecidas y obtener información sensible a través de vectores sin especificar. Vulnerabilidad distinta de CVE-2013-5217. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2013-2364
https://notcve.org/view.php?id=CVE-2013-2364
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad XSS en HP System Management Homepage (SMH) anterior a 7.2.1, permite a usuarios autenticados remotamente inyectar secuencias de comandos web o HTML arbitrarias a través de vectores no especificados. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-2357
https://notcve.org/view.php?id=CVE-2013-2357
Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2358, CVE-2013-2359, and CVE-2013-2360. Vulnerabilidad sin especificar en HP System Management Homepage (SMH) anterior a 7.2.1, permite a usuarios autenticados remotamente provocar una denegación de servicio a través de vectores desconocidos. Vulnerabilidad distinta de CVE-2013-2358, CVE-2013-2359, y CVE-2013-2360. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 •
CVE-2013-3576 – HP System Management Homepage - JustGetSNMPQueue Command Injection
https://notcve.org/view.php?id=CVE-2013-3576
ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en. ginkgosnmp.inc en HP System Management Homepage (SMH) permite a usuarios autenticados remotamente ejecutar comandos a través de metacaracteres shell desde el PATH_INFO a smhutil/snmpchp.php. • https://www.exploit-db.com/exploits/26420 http://marc.info/?l=bugtraq&m=137952496405683&w=2 http://www.kb.cert.org/vuls/id/735364 - • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •