CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-3846
https://notcve.org/view.php?id=CVE-2011-3846
Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 6.2.2.7 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts. Una vulnerabilidad de falsificación de peticiones en sitios cruzados (CSRF) en HP System Management Homepage (SMH) v6.2.2.7 permite a atacantes remotos secuestrar la autenticación de los administradores para las peticiones que crean las cuentas administrativas. • http://secunia.com/advisories/43012 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.0EPSS: 0%CPEs: 73EXPL: 0CVE-2011-1540
https://notcve.org/view.php?id=CVE-2011-1540
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote authenticated users to execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en HP System Management Homepage (SMH) antes de la versión v6.3 permite a usuarios remotos autenticados ejecutar código arbitrario a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=130331363227777&w=2 http://securityreason.com/securityalert/8233 http://www.securityfocus.com/bid/47507 http://www.securitytracker.com/id?1025414 •
CVSS: 10.0EPSS: 21%CPEs: 73EXPL: 0CVE-2011-1541
https://notcve.org/view.php?id=CVE-2011-1541
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors. Vulnerabilidad no especificada en HP System Management Homepage (SMH) antes de v6.3 permite a atacantes remotos evitar las restricciones de acceso previsto, y por lo tanto ejecutar código arbitrario, a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=130331363227777&w=2 http://securityreason.com/securityalert/8233 http://www.securityfocus.com/bid/47512 http://www.securitytracker.com/id?1025414 •
CVSS: 4.3EPSS: 0%CPEs: 65EXPL: 0CVE-2010-3284
https://notcve.org/view.php?id=CVE-2010-3284
Unspecified vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to obtain sensitive information via unknown vectors. Vulnerabilidad sin especificar en HP System Management Homepage (SMH) en versiones anteriores a la v6.2 permite a atacantes remotos obtener información confidencial a través de vectores de ataque desconocidos. • http://marc.info/?l=bugtraq&m=128525531721328&w=2 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 65EXPL: 0CVE-2010-3283 – HP System Management Homepage Cross Site Scripting
https://notcve.org/view.php?id=CVE-2010-3283
Open redirect vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. Vulnerabilidad de redirección involuntaria en HP System Management Homepage (SMH) en versiones anteriores a la v6.2 permite a atacantes remotos redirigir a usuarios a páginas web de su elección y realizar ataques de phishing a través de vectores de ataque sin especificar. HP System Management Homepage suffers from multiple cross site scripting vulnerabilities. • http://marc.info/?l=bugtraq&m=128525419119241&w=2 • CWE-20: Improper Input Validation •