CVE-2010-1586

NUCLEI

HP SMH 2.x.x.x - Open Redirect

Title source: llm

Description

Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Aung Khant · textremotemultiple

https://www.exploit-db.com/exploits/33873

View Code ZIP pw:eip

Nuclei Templates (1)

HP System Management Homepage (SMH) v2.x.x.x - Open Redirect

MEDIUMby ctflearner

References (3)

[Exploit] http://www.securityfocus.com/bid/39676

[Exploit] http://yehg.net/lab/pr0js/advisories/hp_system_management_homepage_url_redirection_abuse

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/58107

Scores

EPSS 0.0044

EPSS Percentile 63.4%

Details

CWE

CWE-20

Status published

Products (30)

hp/system_management_homepage 2.0.0

hp/system_management_homepage 2.0.1

hp/system_management_homepage 2.0.2

hp/system_management_homepage 2.1

hp/system_management_homepage 2.1.0-103

hp/system_management_homepage 2.1.0-103\(a\)

hp/system_management_homepage 2.1.0-109

hp/system_management_homepage 2.1.0-118

hp/system_management_homepage 2.1.1

hp/system_management_homepage 2.1.2

... and 20 more

Published Apr 28, 2010

Tracked Since Feb 18, 2026