Vulnerabilities > HP > System Management Homepage > 7.2.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-10-02 | CVE-2014-2642 | Improper Input Validation vulnerability in HP System Management Homepage HP System Management Homepage (SMH) before 7.4 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | 4.3 |
2014-10-02 | CVE-2014-2641 | Cross-Site Request Forgery (CSRF) vulnerability in HP System Management Homepage Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. | 6.0 |
2014-10-02 | CVE-2014-2640 | Cross-Site Scripting vulnerability in HP System Management Homepage Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2014-03-14 | CVE-2013-6188 | Cross-Site Request Forgery (CSRF) vulnerability in HP System Management Homepage Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 7.1 through 7.2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
2014-03-14 | CVE-2013-4846 | Information Disclosure vulnerability in HP System Management Homepage Unspecified vulnerability in HP System Management Homepage (SMH) before 7.3 allows remote attackers to obtain sensitive information via unknown vectors. | 5.0 |