CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

HP : Security Vulnerabilities Published In 2010 (Cross Site Scripting (XSS))

CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Copy Results Download Results Select Table
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2010-4114 79 XSS 2010-12-22 2011-01-11
4.3
 None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x, 7.5x, and 7.6x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
2 CVE-2010-4111 79 XSS 2010-12-22 2011-01-11
4.3
 None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
3 CVE-2010-4109 79 XSS 2010-12-08 2011-01-11
4.3
 None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the Contacts Application in HP Palm webOS before 2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted vCard file.
4 CVE-2010-4101 79 XSS 2010-11-01 2010-11-11
4.3
 None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP Insight Recovery before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
5 CVE-2010-4030 79 XSS 2010-11-01 2011-01-21
4.3
 None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP Insight Control Performance Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
6 CVE-2010-4023 79 XSS 2010-10-28 2010-11-11
4.3
 None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP Insight Control Power Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
7 CVE-2010-3994 79 XSS 2010-10-28 2010-11-06
4.3
 None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP Version Control Repository Manager (VCRM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
8 CVE-2010-3991 79 XSS 2010-10-28 2010-11-11
4.3
 None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP Insight Control Server Migration before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
9 CVE-2010-3987 79 XSS 2010-10-28 2010-11-11
4.3
 None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP Insight Control Virtual Machine Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
10 CVE-2010-3985 79 XSS 2010-10-26 2010-11-06
4.3
 None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
11 CVE-2010-3291 79 XSS 2010-10-21 2010-11-11
4.3
 None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP AssetCenter 5.0x through AC_5.03, and AssetManager 5.1x through AM_5.12 and 5.2x through AM_5.22, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
12 CVE-2010-3289 79 XSS 2010-10-23 2010-11-11
4.3
 None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
13 CVE-2010-3012 79 XSS 2010-09-17 2010-09-20
4.3
 None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue was originally assigned CVE-2010-3010 due to a CNA error.
14 CVE-2010-3010 79 XSS 2010-09-15 2010-09-21
4.3
 None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability on the HP 3Com OfficeConnect Gigabit VPN Firewall 3CREVF100-73 with firmware before 1.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: a separate XSS issue for HP System Management Homepage (SMH) was originally assigned CVE-2010-3010 due to a CNA error, but CVE-2010-3012 is the appropriate identifier for the SMH issue.
15 CVE-2010-3003 79 XSS 2010-09-10 2010-09-13
4.3
 None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.0-11 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
16 CVE-2010-1969 79 XSS 2010-07-22 2010-07-22
4.3
 None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP Virtual Connect Enterprise Manager for Windows before 6.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
17 CVE-2010-1963 79 XSS 2010-06-07 2010-06-07
4.3
 None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP ServiceCenter allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
18 CVE-2010-1557 79 XSS 2010-05-14 2010-05-21
4.3
 None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in HP Insight Control Server Migration before 6.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
19 CVE-2010-1036 79 XSS 2010-04-28 2010-06-03
4.3
 None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP System Insight Manager before 6.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
20 CVE-2010-0452 79 XSS 2010-03-29 2010-03-30
4.3
 None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in HP Project and Portfolio Management Center (PPMC, formerly Mercury IT Governance) 7.1 through SP10 and 7.5 through SP3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
21 CVE-2010-0449 79 XSS 2010-03-31 2010-04-01
4.3
 None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in HP SOA Registry Foundation 6.63 and 6.64 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
22 CVE-2009-4185 79 XSS 2010-02-05 2010-03-26
4.3
 None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter.
Total number of vulnerabilities : 22   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.