Page 10 of 77 results (0.004 seconds)

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en HP System Management Homepage (SMH) anterior a 7.2.1, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a través de vectores desconocidos. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2012-5217. HP System Management Homepage (SMH) anterior a 7.2.1, permite a atacantes remotos evitar las restricciones de acceso establecidas y obtener información sensible a través de vectores sin especificar. Vulnerabilidad distinta de CVE-2013-5217. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 3.5EPSS: 0%CPEs: 3EXPL: 0

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad XSS en HP System Management Homepage (SMH) anterior a 7.2.1, permite a usuarios autenticados remotamente inyectar secuencias de comandos web o HTML arbitrarias a través de vectores no especificados. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0

Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2013-2358, CVE-2013-2359, and CVE-2013-2360. Vulnerabilidad sin especificar en HP System Management Homepage (SMH) anterior a 7.2.1, permite a usuarios autenticados remotamente provocar una denegación de servicio a través de vectores desconocidos. Vulnerabilidad distinta de CVE-2013-2358, CVE-2013-2359, y CVE-2013-2360. • https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 •

CVSS: 9.0EPSS: 49%CPEs: 1EXPL: 2

ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en. ginkgosnmp.inc en HP System Management Homepage (SMH) permite a usuarios autenticados remotamente ejecutar comandos a través de metacaracteres shell desde el PATH_INFO a smhutil/snmpchp.php. • https://www.exploit-db.com/exploits/26420 http://marc.info/?l=bugtraq&m=137952496405683&w=2 http://www.kb.cert.org/vuls/id/735364 - • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •