Page 12 of 60 results (0.016 seconds)

CVSS: 10.0EPSS: 21%CPEs: 73EXPL: 0

Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors. Vulnerabilidad no especificada en HP System Management Homepage (SMH) antes de v6.3 permite a atacantes remotos evitar las restricciones de acceso previsto, y por lo tanto ejecutar código arbitrario, a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=130331363227777&w=2 http://securityreason.com/securityalert/8233 http://www.securityfocus.com/bid/47512 http://www.securitytracker.com/id?1025414 •

CVSS: 4.3EPSS: 0%CPEs: 65EXPL: 0

Unspecified vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to obtain sensitive information via unknown vectors. Vulnerabilidad sin especificar en HP System Management Homepage (SMH) en versiones anteriores a la v6.2 permite a atacantes remotos obtener información confidencial a través de vectores de ataque desconocidos. • http://marc.info/?l=bugtraq&m=128525531721328&w=2 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: 65EXPL: 0

Open redirect vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. Vulnerabilidad de redirección involuntaria en HP System Management Homepage (SMH) en versiones anteriores a la v6.2 permite a atacantes remotos redirigir a usuarios a páginas web de su elección y realizar ataques de phishing a través de vectores de ataque sin especificar. HP System Management Homepage suffers from multiple cross site scripting vulnerabilities. • http://marc.info/?l=bugtraq&m=128525419119241&w=2 • CWE-20: Improper Input Validation •

CVSS: 4.3EPSS: 1%CPEs: 64EXPL: 0

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue was originally assigned CVE-2010-3010 due to a CNA error. Vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en HP System Management Homepage (SMH) antes de v6.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. NOTA: este problema se le asignó originalmente CVE-2010-3010 debido a un error de CNA. • http://secunia.com/advisories/41480 http://secunia.com/advisories/41490 http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.0EPSS: 0%CPEs: 64EXPL: 0

CRLF injection vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. Vulnerabilidad de inyección CRLF (se refiere a CR (retorno de carro) y LF (salto de línea)) en HP System Management Homepage (SMH) anterior a v6.2 permite a atacantes remotos inyectar cabeceras HTTP a su elección y llevar a cabo ataques de respuesta HTTP divididas a través de vectores no especificados. • http://secunia.com/advisories/41480 http://secunia.com/advisories/41490 http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995 • CWE-20: Improper Input Validation •