Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
power manager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-0277
Cross-site request forgery (CSRF) vulnerability in HP Power Manager (HPPM) 4.3.2 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that create new administrative accounts.
Hp Power Manager
Hp Power Manager 4.2.5
Hp Power Manager 4.2.8
Hp Power Manager 4.2.6
Hp Power Manager 4.2.9
Hp Power Manager 4.2.7
NA
CVE-2011-0280
Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the logType parameter to Contents/exportlogs.asp, (2) the Id parameter to Contents/pagehelp.asp, ...
Hp Power Manager
Hp Power Manager 4.2.5
Hp Power Manager 4.2.8
Hp Power Manager 4.2.6
Hp Power Manager 4.2.9
Hp Power Manager 4.2.7
NA
CVE-2010-4113
Stack-based buffer overflow in HP Power Manager (HPPM) prior to 4.3.2 allows remote malicious users to execute arbitrary code via a long Login variable to the management web server.
Hp Power Manager
Hp Power Manager 4.2.5
Hp Power Manager 4.2.8
Hp Power Manager 4.2.6
Hp Power Manager 4.2.7
NA
CVE-2009-4000
Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager prior to 4.2.10 allows remote malicious users to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter.
Hp Power Manager
Hp Power Manager 4.2.5
Hp Power Manager 4.2.8
Hp Power Manager 4.2.6
Hp Power Manager 4.2.7
NA
CVE-2009-3999
Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager prior to 4.2.10 allows remote malicious users to execute arbitrary code via a long fileName parameter.
Hp Power Manager
Hp Power Manager 4.2.5
Hp Power Manager 4.2.6
1 EDB exploit
8.8
CVSSv3
CVE-2021-23276
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to authenticated SQL injection. A malicious user can send a specially crafted packet to exploit the vulnerability. Successful exploitation of this vulnerability can allow malicious users to add users in the data base...
Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Virtual Appliance
Eaton Intelligent Power Protector
10
CVSSv3
CVE-2021-23277
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to unauthenticated eval injection vulnerability. The software does not neutralize code syntax from users before using in the dynamic evaluation call in loadUserFile function under scripts/libs/utils.js. Successful ex...
Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Virtual Appliance
Eaton Intelligent Power Protector
9.6
CVSSv3
CVE-2021-23278
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to authenticated arbitrary file delete vulnerability induced due to improper input validation at server/maps_srv.js with action removeBackground and server/node_upgrade_srv.js with action removeFirmware. An attacker ...
Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Virtual Appliance
Eaton Intelligent Power Protector
10
CVSSv3
CVE-2021-23279
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to unauthenticated arbitrary file delete vulnerability induced due to improper input validation in meta_driver_srv.js class with saveDriverData action using invalidated driverID. An attacker can send specially crafte...
Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Virtual Appliance
Eaton Intelligent Power Protector
9.9
CVSSv3
CVE-2021-23280
Eaton Intelligent Power Manager (IPM) before 1.69 is vulnerable to authenticated arbitrary file upload vulnerability. IPM’s maps_srv.js allows an malicious user to upload a malicious NodeJS file using uploadBackgroud action. An attacker can upload a malicious code or execut...
Eaton Intelligent Power Manager
Eaton Intelligent Power Manager Virtual Appliance
Eaton Intelligent Power Protector
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »