CVSS: 4.3EPSS: 1%CPEs: 64EXPL: 0CVE-2010-3012
https://notcve.org/view.php?id=CVE-2010-3012
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue was originally assigned CVE-2010-3010 due to a CNA error. Vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en HP System Management Homepage (SMH) antes de v6.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. NOTA: este problema se le asignó originalmente CVE-2010-3010 debido a un error de CNA. • http://secunia.com/advisories/41480 http://secunia.com/advisories/41490 http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 64EXPL: 0CVE-2010-3011
https://notcve.org/view.php?id=CVE-2010-3011
CRLF injection vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. Vulnerabilidad de inyección CRLF (se refiere a CR (retorno de carro) y LF (salto de línea)) en HP System Management Homepage (SMH) anterior a v6.2 permite a atacantes remotos inyectar cabeceras HTTP a su elección y llevar a cabo ataques de respuesta HTTP divididas a través de vectores no especificados. • http://secunia.com/advisories/41480 http://secunia.com/advisories/41490 http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995 • CWE-20: Improper Input Validation •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2010-3009
https://notcve.org/view.php?id=CVE-2010-3009
Unspecified vulnerability in HP System Management Homepage (SMH) for Linux 6.0 and 6.1 allows remote authenticated users to obtain sensitive information and gain root privileges via unknown vectors. Vulnerabilidad no especificada en HP System Management Homepage (SMH) para Linux v6.0 y v6.1 permite a los usuarios remotos autenticados obtener información sensible y privilegios de administrador (root) a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=128447666623011&w=2 http://secunia.com/advisories/41427 http://www.securityfocus.com/bid/43208 http://www.securitytracker.com/id?1024433 http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02475053 •
CVSS: 4.3EPSS: 2%CPEs: 30EXPL: 3CVE-2010-1586 – HP System Management Homepage - 'RedirectUrl' Open Redirection
https://notcve.org/view.php?id=CVE-2010-1586
Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter. Vulnerabilidad de redireccionamiento directo en red2301.html en HP System Management Homepage (SMH) v2.x.x.x permite a atacantse remotos redireccionar a los usuarios a un sitio web a su elección y provocar ataques phishing a través del parámetro REdirectUrl. • https://www.exploit-db.com/exploits/33873 http://www.securityfocus.com/bid/39676 http://yehg.net/lab/pr0js/advisories/hp_system_management_homepage_url_redirection_abuse https://exchange.xforce.ibmcloud.com/vulnerabilities/58107 • CWE-20: Improper Input Validation •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2010-1034
https://notcve.org/view.php?id=CVE-2010-1034
Unspecified vulnerability in HP System Management Homepage (SMH) 6.0 before 6.0.0-95 on Linux, and 6.0 before 6.0.0.96 on Windows, allows remote authenticated users to obtain sensitive information, modify data, and cause a denial of service via unknown vectors. Vulnerabilidad no especificada en HP System Management Homepage (SMH) v6.0 anterior a v6.0.0-95 para Linux y v6.0 anterior a v6.0.0.96 para Windows, permite a usuarios autenticados en remoto obtener información sensible, modificar datos y provocar denegaciones de servicio mediante vectores desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444 http://securitytracker.com/id?1023909 http://www.osvdb.org/64089 •