← Back

Power Manager

power_manager

Vendor: Hp • 6 CVEs

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2011-0280
1Hp
1Power Manager
Apr 29, 2026
Mar 14, 2011
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the logType parameter to Contents/exportlogs.asp, (2)...Show more
Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the logType parameter to Contents/exportlogs.asp, (2) the Id parameter to Contents/pagehelp.asp, or the (3) SORTORD or (4) SORTCOL parameter to Contents/applicationlogs.asp. NOTE: some of these details are obtained from third party information.Show less
CVE-2011-0277
1Hp
1Power Manager
Apr 29, 2026
Feb 9, 2011
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability in HP Power Manager (HPPM) 4.3.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts.
CVE-2010-4113
1Hp
1Power Manager
Apr 29, 2026
Dec 22, 2010
N/A· v4
N/A· v3
9.3 HIGH· v2
Stack-based buffer overflow in HP Power Manager (HPPM) before 4.3.2 allows remote attackers to execute arbitrary code via a long Login variable to the management web server.
CVE-2009-4000
1Hp
1Power Manager
Apr 29, 2026
Jan 20, 2010
N/A· v4
N/A· v3
10.0 HIGH· v2
Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the...Show more
Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter.Show less
CVE-2009-3999
1Hp
1Power Manager
Apr 29, 2026
Jan 20, 2010
N/A· v4
N/A· v3
10.0 HIGH· v2
Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter.
CVE-2009-2685
1Hp
1Power Manager
Apr 23, 2026
Nov 6, 2009
N/A· v4
N/A· v3
10.0 HIGH· v2
Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable.