Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
power manager vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2011-0277
Cross-site request forgery (CSRF) vulnerability in HP Power Manager (HPPM) 4.3.2 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that create new administrative accounts.
Hp Power Manager
Hp Power Manager 4.2.7
Hp Power Manager 4.2.5
Hp Power Manager 4.2.8
Hp Power Manager 4.2.6
Hp Power Manager 4.2.9
4.3
CVSSv2
CVE-2011-0280
Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the logType parameter to Contents/exportlogs.asp, (2) the Id parameter to Contents/pagehelp.asp, ...
Hp Power Manager 4.2.8
Hp Power Manager 4.2.7
Hp Power Manager 4.2.5
Hp Power Manager
Hp Power Manager 4.2.6
Hp Power Manager 4.2.9
10
CVSSv2
CVE-2009-4000
Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager prior to 4.2.10 allows remote malicious users to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter.
Hp Power Manager
Hp Power Manager 4.2.6
Hp Power Manager 4.2.5
Hp Power Manager 4.2.7
Hp Power Manager 4.2.8
9.3
CVSSv2
CVE-2010-4113
Stack-based buffer overflow in HP Power Manager (HPPM) prior to 4.3.2 allows remote malicious users to execute arbitrary code via a long Login variable to the management web server.
Hp Power Manager 4.2.7
Hp Power Manager 4.2.5
Hp Power Manager
Hp Power Manager 4.2.8
Hp Power Manager 4.2.6
10
CVSSv2
CVE-2009-3999
Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager prior to 4.2.10 allows remote malicious users to execute arbitrary code via a long fileName parameter.
Hp Power Manager
Hp Power Manager 4.2.6
Hp Power Manager 4.2.5
1 EDB exploit
7.5
CVSSv2
CVE-2021-23277
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to unauthenticated eval injection vulnerability. The software does not neutralize code syntax from users before using in the dynamic evaluation call in loadUserFile function under scripts/libs/utils.js. Successful ex...
Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Virtual Appliance
Eaton Intelligent Power Protector
NA
CVE-2023-32450
Dell Power Manager, Versions 3.3 to 3.14 contains an Improper Access Control vulnerability. A low-privileged malicious user may potentially exploit this vulnerability to perform arbitrary code execution with limited access.
Dell Power Manager
10
CVSSv2
CVE-2009-2685
Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote malicious users to execute arbitrary code via the Login variable.
Hp Power Manager
2 EDB exploits
NA
CVE-2023-28051
Dell Power Manager, versions 3.10 and prior, contains an Improper Access Control vulnerability. A low-privileged attacker could potentially exploit this vulnerability to elevate privileges on the system.
Dell Power Manager
NA
CVE-2023-25543
Dell Power Manager, versions before 3.14, contain an Improper Authorization vulnerability in DPM service. A low privileged malicious user could potentially exploit this vulnerability in order to elevate privileges on the system.
Dell Power Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »