Power Manager@4.2.6 Security Vulnerabilities and Issues — Power Manager@4.2.6 CVE List

Lucene search

HpPower Manager4.2.6

5 matches found

CVE•added 2010/12/22 9:0 p.m.•51 views

CVE-2010-4113

Stack-based buffer overflow in HP Power Manager (HPPM) before 4.3.2 allows remote attackers to execute arbitrary code via a long Login variable to the management web server.

9.3CVSS8AI score0.17568EPSS

CVE•added 2011/02/09 1:0 a.m.•44 views

CVE-2011-0277

Cross-site request forgery (CSRF) vulnerability in HP Power Manager (HPPM) 4.3.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts.

6.8CVSS7.2AI score0.00167EPSS

CVE•added 2010/01/20 10:30 p.m.•42 views

CVE-2009-4000

Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter.

10CVSS7.3AI score0.31575EPSS

CVE•added 2010/01/20 10:30 p.m.•40 views

CVE-2009-3999

Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter.

10CVSS6.8AI score0.699EPSS

CVE•added 2011/03/14 7:55 p.m.•35 views

CVE-2011-0280

Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the logType parameter to Contents/exportlogs.asp, (2) the Id parameter to Contents/pagehelp.asp, or the (3) SORTORD or (4) SORTCOL p...

4.3CVSS5.8AI score0.00674EPSS