.. / CVE-2010-1586

Exploit for HP System Management Homepage (SMH) v2.x.x.x - Open Redirect (CVE-2010-1586)

Description:

Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter.

Nuclei Template

View the template here CVE-2010-1586.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2010/CVE-2010-1586.yaml

References:

https://nvd.nist.gov/vuln/detail/CVE-2010-1586
https://yehg.net/lab/pr0js/advisories/hp_system_management_homepage_url_redirection_abuse
https://exchange.xforce.ibmcloud.com/vulnerabilities/58107
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1586

.. / CVE-2010-1586 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for HP System Management Homepage (SMH) v2.x.x.x - Open Redirect (CVE-2010-1586)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2010-1586