6 matches found
HP System Management Homepage red2301.html RedirectUrl Cross Site Scripting (CVE-2014-2640)
A cross-site scripting vulnerability exists in HP's System Management Homepage SMH. The vulnerability is due to an input validation error when handling 'RedirectUrl' parameter of red2301.html page. A remote attacker could exploit this vulnerability by enticing a target user to follow a malicious...
HP System Management Homepage < 7.4 Multiple Vulnerabilities
According to the web server's banner, the version of HP System Management Homepage SMH hosted on the remote web server is affected by the following vulnerabilities : - A flaw exists within the included cURL that disables the 'CURLOPTSSLVERIFYHOST' check when the setting on 'CURLOPTSSLVERIFYPEER' ...
[security bulletin] HPSBMU03112 rev.1 - HP System Management Homepage (SMH) on Linux and Windows, Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04463322 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04463322 Version: 1 HPSBMU03112 rev....
CVE-2014-2640
Cross-site scripting XSS vulnerability in HP System Management Homepage SMH before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-2640
HP System Management Homepage (SMH) is affected by CVE-2014-2640, a cross-site scripting (XSS) vulnerability in SMH before version 7.4. The issue is tied to input handling of the RedirectUrl parameter in red2301.html, enabling remote attackers to inject arbitrary script via specially crafted link...
KLA10458 Multiple vulnerabilities in HP SMH
Multiple vulnerabilities was found in HP SMH. By exploiting these vulnerabilities malicious users can conduct XSS, CSRF and clicjacking attacks via unspecified vectors. These vulnerabilities can be exploited remotely. Original advisories HP bulletin Related products HP-System-Management-Homepage...