CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2008-1663
https://notcve.org/view.php?id=CVE-2008-1663
09 Jul 2008 — Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) 2.1.10 and 2.1.11 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados en HP System Management Homepage (SMH) 2.1.10 y 2.1.11 en Linux y Windows que permite a los atacantes remotos insertar una secuencia arbitraria de comandos web o HTML a través de vectores no especificados. • http://marc.info/?l=bugtraq&m=121492633526894&w=2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 0CVE-2007-4931
https://notcve.org/view.php?id=CVE-2007-4931
18 Sep 2007 — HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous vulnerabilities for OpenSSL. HP System Management Homepage (SMH) para Windows, cuando se usa en conjunto con HP Version Control Agent o Version Control REpository Manager, deja el software OpenSSL activo después de una actualización Op... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01164065 •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2007-3260
https://notcve.org/view.php?id=CVE-2007-3260
19 Jun 2007 — HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges. HP System Management Homepage (SMH) anterior a 2.1.9 para Linux, cuando se usa con Novel eDirectory, asigna a los miembros de eDirectory al grupo root, lo cual permite a usuarios de eDirectory autenticados remotamente obtener privilegios. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01072894 •
CVSS: 6.1EPSS: 2%CPEs: 5EXPL: 0CVE-2007-3062
https://notcve.org/view.php?id=CVE-2007-3062
06 Jun 2007 — Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en HP System Management Homepage (SMH) en versiones anteriores a 2.1.2 corriendo en Linux y Windows permite a atacantes remotos inyectar secuencias de comandos (script) web o HTML de su elección a través de vectores sin especificar. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592 •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2006-1774
https://notcve.org/view.php?id=CVE-2006-1774
13 Apr 2006 — HP System Management Homepage (SMH) 2.1.3.132, when running on CompaqHTTPServer/9.9 on Windows, Linux, or Tru64 UNIX, and when "Trust by Certificates" is not enabled, allows remote attackers to bypass authentication via a crafted URL. • http://securitytracker.com/id?1015901 •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0CVE-2006-1023
https://notcve.org/view.php?id=CVE-2006-1023
07 Mar 2006 — Directory traversal vulnerability in HP System Management Homepage (SMH) 2.0.0 through 2.1.4 on Windows allows remote attackers to access certain files via unspecified vectors. • http://secunia.com/advisories/19059 •