Note:
This project will be discontinued after December 13, 2021. [more]
Product:
System_management_homepage
(Hp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 78 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2014-10-18 | CVE-2014-7874 | Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 3.2.3 on HP-UX B.11.23, and before 3.2.8 on HP-UX B.11.31, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | Hp\-Ux, System_management_homepage | N/A | ||
| 2013-06-14 | CVE-2013-3576 | ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en. | System_management_homepage | N/A | ||
| 2012-04-18 | CVE-2012-1993 | Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows local users to modify data or obtain sensitive information via unknown vectors. | System_management_homepage | N/A | ||
| 2012-04-18 | CVE-2012-0135 | Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows remote authenticated users to cause a denial of service via unknown vectors. | System_management_homepage | N/A | ||
| 2012-04-12 | CVE-2011-3846 | Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) 6.2.2.7 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts. | System_management_homepage | N/A | ||
| 2011-04-29 | CVE-2011-1541 | Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote attackers to bypass intended access restrictions, and consequently execute arbitrary code, via unknown vectors. | System_management_homepage | N/A | ||
| 2011-04-29 | CVE-2011-1540 | Unspecified vulnerability in HP System Management Homepage (SMH) before 6.3 allows remote authenticated users to execute arbitrary code via unknown vectors. | System_management_homepage | N/A | ||
| 2010-04-28 | CVE-2010-1586 | Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter. | System_management_homepage | N/A | ||
| 2010-02-05 | CVE-2009-4185 | Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter. | System_management_homepage | N/A | ||
| 2009-05-19 | CVE-2009-1418 | Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | System_management_homepage | N/A |