Vulnerabilities > HP > System Management Homepage
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-09-24 | CVE-2010-3283 | Improper Input Validation vulnerability in HP System Management Homepage Open redirect vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 4.3 |
2010-09-17 | CVE-2010-3012 | Cross-Site Scripting vulnerability in HP System Management Homepage Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-09-17 | CVE-2010-3011 | Improper Input Validation vulnerability in HP System Management Homepage CRLF injection vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. | 5.0 |
2010-09-15 | CVE-2010-3009 | Information Disclosure Vulnerability in HP System Management Homepage 6.0/6.1 Unspecified vulnerability in HP System Management Homepage (SMH) for Linux 6.0 and 6.1 allows remote authenticated users to obtain sensitive information and gain root privileges via unknown vectors. | 9.0 |
2010-04-28 | CVE-2010-1586 | Improper Input Validation vulnerability in HP System Management Homepage Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter. | 4.3 |
2010-04-23 | CVE-2010-1034 | Remote vulnerability in HP System Management Homepage 6.0 Unspecified vulnerability in HP System Management Homepage (SMH) 6.0 before 6.0.0-95 on Linux, and 6.0 before 6.0.0.96 on Windows, allows remote authenticated users to obtain sensitive information, modify data, and cause a denial of service via unknown vectors. | 4.6 |
2010-02-05 | CVE-2009-4185 | Cross-Site Scripting vulnerability in HP System Management Homepage Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter. | 4.3 |
2009-05-19 | CVE-2009-1418 | Cross-Site Scripting vulnerability in HP System Management Homepage Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2008-11-04 | CVE-2008-4413 | Permissions, Privileges, and Access Controls vulnerability in HP System Management Homepage Unspecified vulnerability in HP System Management Homepage (SMH) 2.2.6 and earlier on HP-UX B.11.11 and B.11.23, and SMH 2.2.6 and 2.2.8 and earlier on HP-UX B.11.23 and B.11.31, allows local users to gain "unauthorized access" via unknown vectors, possibly related to temporary file permissions. | 6.2 |
2008-10-13 | CVE-2008-4411 | Cross-Site Scripting vulnerability in HP System Management Homepage Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.15.210 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-1663. | 4.3 |