CVE-2011-0280
- EPSS 0.67%
- Published 14.03.2011 19:55:00
- Last modified 11.04.2025 00:51:21
Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the logType parameter to Contents/exportlogs.asp, (2) the Id parameter to Contents/...
CVE-2011-0277
- EPSS 0.17%
- Published 09.02.2011 01:00:09
- Last modified 11.04.2025 00:51:21
Cross-site request forgery (CSRF) vulnerability in HP Power Manager (HPPM) 4.3.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts.
CVE-2010-4113
- EPSS 17.57%
- Published 22.12.2010 21:00:18
- Last modified 11.04.2025 00:51:21
Stack-based buffer overflow in HP Power Manager (HPPM) before 4.3.2 allows remote attackers to execute arbitrary code via a long Login variable to the management web server.
- EPSS 70.59%
- Published 20.01.2010 22:30:00
- Last modified 11.04.2025 00:51:21
Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter.
- EPSS 31.58%
- Published 20.01.2010 22:30:00
- Last modified 11.04.2025 00:51:21
Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter.
- EPSS 76.74%
- Published 06.11.2009 15:30:00
- Last modified 09.04.2025 00:30:58
Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable.