Vulnerabilities > HP > System Management Homepage > 2.1.6.156
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-10-19 | CVE-2014-7874 | Cross-Site Request Forgery (CSRF) vulnerability in HP Hp-Ux and System Management Homepage Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
2014-10-02 | CVE-2014-2642 | Improper Input Validation vulnerability in HP System Management Homepage HP System Management Homepage (SMH) before 7.4 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | 4.3 |
2014-10-02 | CVE-2014-2641 | Cross-Site Request Forgery (CSRF) vulnerability in HP System Management Homepage Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. | 6.0 |
2014-10-02 | CVE-2014-2640 | Cross-Site Scripting vulnerability in HP System Management Homepage Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-03-14 | CVE-2013-4846 | Information Disclosure vulnerability in HP System Management Homepage Unspecified vulnerability in HP System Management Homepage (SMH) before 7.3 allows remote attackers to obtain sensitive information via unknown vectors. | 5.0 |
2013-09-23 | CVE-2013-4821 | Remote Denial of Service vulnerability in HP System Management Homepage Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors. | 4.0 |
2013-07-22 | CVE-2013-2364 | Cross-Site Scripting vulnerability in HP System Management Homepage Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2013-07-22 | CVE-2013-2363 | Information Disclosure vulnerability in HP System Management Homepage HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2356. | 5.0 |
2013-07-22 | CVE-2013-2362 | Local Denial of Service vulnerability in HP System Management Homepage Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows local users to cause a denial of service via unknown vectors, aka ZDI-CAN-1676. | 2.1 |
2013-07-22 | CVE-2013-2361 | Cross-Site Scripting vulnerability in HP System Management Homepage Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |