Page 14 of 74 results (0.013 seconds)

CVSS: 4.3EPSS: 0%CPEs: 53EXPL: 0

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en HP System Management Homepage (SMH) anteriores a v3.0.1.73 permite a atacantes remotos inyectar secuencias de comandos web o HTML de forma arbitraria a través de vectores inespecíficos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01745065 http://jvn.jp/en/jp/JVN02331156/index.html http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000029.html http://secunia.com/advisories/35108 http://securitytracker.com/id?1022242 http://www.securityfocus.com/bid/35031 https://exchange.xforce.ibmcloud.com/vulnerabilities/50633 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.2EPSS: 0%CPEs: 70EXPL: 0

Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 and B.11.23, and SMH 2.2.6 and 2.2.8 and earlier on HP-UX B.11.23 and B.11.31, allows local users to gain "unauthorized access" via unknown vectors, possibly related to temporary file permissions. Vulnerabilidad no especificada en HP System Management Homepage (SMH) v2.2.6 y anteriores en HP-UX B.11.11 y B.11.23, y SMH 2.2.6 y 2.2.8 y anteriores en HP-UX B.11.23 y B.11.31; permite a usuarios locales obtener "acceso no autorizado" a través de vectores desconocidos. Puede que esté relacionado con los permisos de los ficheros temporales. • http://marc.info/?l=bugtraq&m=122581539223159&w=2 http://osvdb.org/49521 http://secunia.com/advisories/32544 http://securityreason.com/securityalert/4545 http://www.securitytracker.com/id?1021133 http://www.vupen.com/english/advisories/2008/2999 https://exchange.xforce.ibmcloud.com/vulnerabilities/46313 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.3EPSS: 0%CPEs: 31EXPL: 0

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.15.210 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-1663. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en versiones de HP System Management Homepage (SMH) anteriores a la 2.1.15.210 en Linux y Windows permite a atacantes remotos inyectar código HTML o secuencias de comandos web o arbitrarios a través de vectores no especificados. Se trata de una vulnerabilidad diferente a la CVE-2008-1663. • http://marc.info/?l=bugtraq&m=122356588429626&w=2 http://secunia.com/advisories/32199 http://securityreason.com/securityalert/4398 http://securitytracker.com/id?1021015 http://www.securityfocus.com/bid/31663 http://www.vupen.com/english/advisories/2008/2778 https://exchange.xforce.ibmcloud.com/vulnerabilities/45754 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) 2.1.10 and 2.1.11 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados en HP System Management Homepage (SMH) 2.1.10 y 2.1.11 en Linux y Windows que permite a los atacantes remotos insertar una secuencia arbitraria de comandos web o HTML a través de vectores no especificados. Further analysis regarding the HP System Management • http://marc.info/?l=bugtraq&m=121492633526894&w=2 http://secunia.com/advisories/30912 http://securityreason.com/securityalert/3979 http://www.securityfocus.com/bid/30029 http://www.securitytracker.com/id?1020406 http://www.vupen.com/english/advisories/2008/1990/references • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 2.1EPSS: 0%CPEs: 14EXPL: 0

HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous vulnerabilities for OpenSSL. HP System Management Homepage (SMH) para Windows, cuando se usa en conjunto con HP Version Control Agent o Version Control REpository Manager, deja el software OpenSSL activo después de una actualización OpenSSL, lo cual tiene impacto y vectores de ataque desconocidos, probablemente relacionados con vulnerabilidades previas para OpenSSL. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065 http://osvdb.org/45941 http://securitytracker.com/id?1018696 http://www.securityfocus.com/bid/25675 •