VYPR

Power Manager

by Microfocus

CVEs (6)

  • CVE-2009-3999Jan 20, 2010
    risk 0.09cvss epss 0.72

    Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter.

  • CVE-2009-2685Nov 6, 2009
    risk 0.09cvss epss 0.77

    Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable.

  • CVE-2009-4000Jan 20, 2010
    risk 0.02cvss epss 0.20

    Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter.

  • CVE-2010-4113Dec 22, 2010
    risk 0.01cvss epss 0.10

    Stack-based buffer overflow in HP Power Manager (HPPM) before 4.3.2 allows remote attackers to execute arbitrary code via a long Login variable to the management web server.

  • CVE-2011-0280Mar 14, 2011
    risk 0.00cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the logType parameter to Contents/exportlogs.asp, (2) the Id parameter to Contents/pagehelp.asp, or the (3)…

  • CVE-2011-0277Feb 9, 2011
    risk 0.00cvss epss 0.02

    Cross-site request forgery (CSRF) vulnerability in HP Power Manager (HPPM) 4.3.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts.