Vulnerability Details CVE-2009-4185
Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.4%
CVSS Severity
CVSS v2 Score 4.3
References
- http://marc.info/?l=bugtraq&m=126529736830358&w=2
- http://marc.info/?l=bugtraq&m=126529736830358&w=2
- http://secunia.com/advisories/38341
- http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr09-15
- http://www.securityfocus.com/archive/1/509195/100/0/threaded
- http://www.securityfocus.com/bid/38081
- http://www.securitytracker.com/id?1023541
- http://www.vupen.com/english/advisories/2010/0294
- http://marc.info/?l=bugtraq&m=126529736830358&w=2
- http://marc.info/?l=bugtraq&m=126529736830358&w=2
- http://secunia.com/advisories/38341
- http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr09-15
- http://www.securityfocus.com/archive/1/509195/100/0/threaded
- http://www.securityfocus.com/bid/38081
- http://www.securitytracker.com/id?1023541
- http://www.vupen.com/english/advisories/2010/0294
Products affected by CVE-2009-4185
-
cpe:2.3:a:hp:system_management_homepage:-
-
cpe:2.3:a:hp:system_management_homepage:2.0.0
-
cpe:2.3:a:hp:system_management_homepage:2.0.1
-
cpe:2.3:a:hp:system_management_homepage:2.0.1.104
-
cpe:2.3:a:hp:system_management_homepage:2.0.2
-
cpe:2.3:a:hp:system_management_homepage:2.0.2.106
-
cpe:2.3:a:hp:system_management_homepage:2.1
-
cpe:2.3:a:hp:system_management_homepage:2.1.0-103
-
cpe:2.3:a:hp:system_management_homepage:2.1.0-103(a)
-
cpe:2.3:a:hp:system_management_homepage:2.1.0-109
-
cpe:2.3:a:hp:system_management_homepage:2.1.0-118
-
cpe:2.3:a:hp:system_management_homepage:2.1.0.121
-
cpe:2.3:a:hp:system_management_homepage:2.1.1
-
cpe:2.3:a:hp:system_management_homepage:2.1.10
-
cpe:2.3:a:hp:system_management_homepage:2.1.10-186
-
cpe:2.3:a:hp:system_management_homepage:2.1.10.186
-
cpe:2.3:a:hp:system_management_homepage:2.1.11
-
cpe:2.3:a:hp:system_management_homepage:2.1.11-197
-
cpe:2.3:a:hp:system_management_homepage:2.1.11.197
-
cpe:2.3:a:hp:system_management_homepage:2.1.12-118
-
cpe:2.3:a:hp:system_management_homepage:2.1.12-200
-
cpe:2.3:a:hp:system_management_homepage:2.1.12.201
-
cpe:2.3:a:hp:system_management_homepage:2.1.14
-
cpe:2.3:a:hp:system_management_homepage:2.1.14.20
-
cpe:2.3:a:hp:system_management_homepage:2.1.15
-
cpe:2.3:a:hp:system_management_homepage:2.1.15-210
-
cpe:2.3:a:hp:system_management_homepage:2.1.15.210
-
cpe:2.3:a:hp:system_management_homepage:2.1.2
-
cpe:2.3:a:hp:system_management_homepage:2.1.2-127
-
cpe:2.3:a:hp:system_management_homepage:2.1.2.127
-
cpe:2.3:a:hp:system_management_homepage:2.1.3
-
cpe:2.3:a:hp:system_management_homepage:2.1.3.132
-
cpe:2.3:a:hp:system_management_homepage:2.1.4
-
cpe:2.3:a:hp:system_management_homepage:2.1.4-143
-
cpe:2.3:a:hp:system_management_homepage:2.1.4.143
-
cpe:2.3:a:hp:system_management_homepage:2.1.5
-
cpe:2.3:a:hp:system_management_homepage:2.1.5-146
-
cpe:2.3:a:hp:system_management_homepage:2.1.5.146
-
cpe:2.3:a:hp:system_management_homepage:2.1.6
-
cpe:2.3:a:hp:system_management_homepage:2.1.6-156
-
cpe:2.3:a:hp:system_management_homepage:2.1.6.156
-
cpe:2.3:a:hp:system_management_homepage:2.1.7
-
cpe:2.3:a:hp:system_management_homepage:2.1.7-168
-
cpe:2.3:a:hp:system_management_homepage:2.1.7.168
-
cpe:2.3:a:hp:system_management_homepage:2.1.8
-
cpe:2.3:a:hp:system_management_homepage:2.1.8-177
-
cpe:2.3:a:hp:system_management_homepage:2.1.8.179
-
cpe:2.3:a:hp:system_management_homepage:2.1.9
-
cpe:2.3:a:hp:system_management_homepage:2.1.9-178
-
cpe:2.3:a:hp:system_management_homepage:2.2.6
-
cpe:2.3:a:hp:system_management_homepage:2.2.8
-
cpe:2.3:a:hp:system_management_homepage:3.0.0
-
cpe:2.3:a:hp:system_management_homepage:3.0.0-68
-
cpe:2.3:a:hp:system_management_homepage:3.0.0.64
-
cpe:2.3:a:hp:system_management_homepage:3.0.1
-
cpe:2.3:a:hp:system_management_homepage:3.0.1-73
-
cpe:2.3:a:hp:system_management_homepage:3.0.1.73
-
cpe:2.3:a:hp:system_management_homepage:3.0.2
-
cpe:2.3:a:hp:system_management_homepage:3.0.2-77
-
cpe:2.3:a:hp:system_management_homepage:3.0.2.77