Vulnerabilities > HP > System Management Homepage > 2.0.2.106
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-02-05 | CVE-2009-4185 | Cross-Site Scripting vulnerability in HP System Management Homepage Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter. | 4.3 |
| 2009-05-19 | CVE-2009-1418 | Cross-Site Scripting vulnerability in HP System Management Homepage Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2008-11-04 | CVE-2008-4413 | Permissions, Privileges, and Access Controls vulnerability in HP System Management Homepage Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 and B.11.23, and SMH 2.2.6 and 2.2.8 and earlier on HP-UX B.11.23 and B.11.31, allows local users to gain "unauthorized access" via unknown vectors, possibly related to temporary file permissions. | 6.2 |
| 2008-10-13 | CVE-2008-4411 | Cross-Site Scripting vulnerability in HP System Management Homepage Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.15.210 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-1663. | 4.3 |
| 2007-06-19 | CVE-2007-3260 | Remote Privilege Escalation vulnerability in HP System Management Homepage HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges. | 9.0 |