CVSS: 6.1EPSS: 0%CPEs: 65EXPL: 0CVE-2010-3283
https://notcve.org/view.php?id=CVE-2010-3283
24 Sep 2010 — Open redirect vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. Vulnerabilidad de redirección involuntaria en HP System Management Homepage (SMH) en versiones anteriores a la v6.2 permite a atacantes remotos redirigir a usuarios a páginas web de su elección y realizar ataques de phishing a través de vectores de ataque sin especificar. • http://marc.info/?l=bugtraq&m=128525419119241&w=2 • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 1%CPEs: 64EXPL: 0CVE-2010-3012
https://notcve.org/view.php?id=CVE-2010-3012
17 Sep 2010 — Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue was originally assigned CVE-2010-3010 due to a CNA error. Vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en HP System Management Homepage (SMH) antes de v6.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. NOTA: este problema se le asig... • http://secunia.com/advisories/41480 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 64EXPL: 0CVE-2010-3011
https://notcve.org/view.php?id=CVE-2010-3011
17 Sep 2010 — CRLF injection vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. Vulnerabilidad de inyección CRLF (se refiere a CR (retorno de carro) y LF (salto de línea)) en HP System Management Homepage (SMH) anterior a v6.2 permite a atacantes remotos inyectar cabeceras HTTP a su elección y llevar a cabo ataques de respuesta HTTP divididas a través de vectores no especificados. • http://secunia.com/advisories/41480 • CWE-20: Improper Input Validation •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2010-3009
https://notcve.org/view.php?id=CVE-2010-3009
15 Sep 2010 — Unspecified vulnerability in HP System Management Homepage (SMH) for Linux 6.0 and 6.1 allows remote authenticated users to obtain sensitive information and gain root privileges via unknown vectors. Vulnerabilidad no especificada en HP System Management Homepage (SMH) para Linux v6.0 y v6.1 permite a los usuarios remotos autenticados obtener información sensible y privilegios de administrador (root) a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=128447666623011&w=2 •
CVSS: 6.1EPSS: 3%CPEs: 30EXPL: 3CVE-2010-1586 – HP System Management Homepage - 'RedirectUrl' Open Redirection
https://notcve.org/view.php?id=CVE-2010-1586
28 Apr 2010 — Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter. Vulnerabilidad de redireccionamiento directo en red2301.html en HP System Management Homepage (SMH) v2.x.x.x permite a atacantse remotos redireccionar a los usuarios a un sitio web a su elección y provocar ataques phishing a través del parámetro REdirectUrl. • https://www.exploit-db.com/exploits/33873 • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0CVE-2010-1034
https://notcve.org/view.php?id=CVE-2010-1034
23 Apr 2010 — Unspecified vulnerability in HP System Management Homepage (SMH) 6.0 before 6.0.0-95 on Linux, and 6.0 before 6.0.0.96 on Windows, allows remote authenticated users to obtain sensitive information, modify data, and cause a denial of service via unknown vectors. Vulnerabilidad no especificada en HP System Management Homepage (SMH) v6.0 anterior a v6.0.0-95 para Linux y v6.0 anterior a v6.0.0.96 para Windows, permite a usuarios autenticados en remoto obtener información sensible, modificar datos y provocar de... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444 •
CVSS: 6.1EPSS: 0%CPEs: 37EXPL: 1CVE-2009-4185
https://notcve.org/view.php?id=CVE-2009-4185
05 Feb 2010 — Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter. Vulnerabilidad de ejecución de comandos en sitios cruzados(XSS)en proxy/smhui/getuiinfo en HP System Management Homepage (SMH) anterior v6.0 permite a atacantes remotos inyectar código web o HTML de su elección a través del parámetro servercert. • http://marc.info/?l=bugtraq&m=126529736830358&w=2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 53EXPL: 0CVE-2009-1418
https://notcve.org/view.php?id=CVE-2009-1418
19 May 2009 — Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en HP System Management Homepage (SMH) anteriores a v3.0.1.73 permite a atacantes remotos inyectar secuencias de comandos web o HTML de forma arbitraria a través de vectores inespecíficos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01745065 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 70EXPL: 0CVE-2008-4413
https://notcve.org/view.php?id=CVE-2008-4413
04 Nov 2008 — Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 and B.11.23, and SMH 2.2.6 and 2.2.8 and earlier on HP-UX B.11.23 and B.11.31, allows local users to gain "unauthorized access" via unknown vectors, possibly related to temporary file permissions. Vulnerabilidad no especificada en HP System Management Homepage (SMH) v2.2.6 y anteriores en HP-UX B.11.11 y B.11.23, y SMH 2.2.6 y 2.2.8 y anteriores en HP-UX B.11.23 y B.11.31; permite a usuarios locales obtener "... • http://marc.info/?l=bugtraq&m=122581539223159&w=2 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.1EPSS: 0%CPEs: 31EXPL: 0CVE-2008-4411
https://notcve.org/view.php?id=CVE-2008-4411
13 Oct 2008 — Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.15.210 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-1663. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en versiones de HP System Management Homepage (SMH) anteriores a la 2.1.15.210 en Linux y Windows permite a atacantes remotos inyectar código HTML o secuencias de comandos web o ar... • http://marc.info/?l=bugtraq&m=122356588429626&w=2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •