CVE-2009-4185
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
CVE
CVE-2009-4185
Status
Candidate
Description
Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter.
Severity
Medium
CVSS score
4,3
CVSS vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Phase
Assigned (26.03.2010)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4185
References
BID :
38081
BUGTRAQ :
20100127 PR09-15: XSS injection vulnerability within HP System Management Homepage (Insight Manager)
HP :
HPSBMA02504
HP :
SSRT090220
MISC :
http://www.procheckup.com/vulnerability_manager/vu...
SECTRACK :
1023541
SECUNIA :
38341
VUPEN :
ADV-2010-0294
SecurityVulns:
HP System Management Homepage crossite scripting
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
