CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7132
https://notcve.org/view.php?id=CVE-2020-7132
A potential security vulnerability has been identified in HPE Onboard Administrator. The vulnerability could be remotely exploited to allow Reflected Cross Site Scripting. HPE has made the following software updates and mitigation information to resolve the vulnerability in HPE Onboard Administrator. * OA 4.95 (Linux and Windows). Ha sido identificado una posible vulnerabilidad de seguridad en HPE Onboard Administrator. La vulnerabilidad podría ser explotada remotamente para permitir un ataque de tipo Cross Site Scripting Reflejado. • https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=emr_na-hpesbhf03988en_us https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03988en_us • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 32EXPL: 0CVE-2012-0130
https://notcve.org/view.php?id=CVE-2012-0130
HP Onboard Administrator (OA) before 3.50 allows remote attackers to obtain sensitive information via unspecified vectors. HP Onboard Administrator (OA) antes de v3.50 permite a atacantes remotos obtener información sensible a través de vectores no especificados. • http://www.securityfocus.com/archive/1/522176 http://www.securityfocus.com/bid/52862 http://www.securitytracker.com/id?1026889 https://exchange.xforce.ibmcloud.com/vulnerabilities/74577 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.8EPSS: 0%CPEs: 32EXPL: 0CVE-2012-0128
https://notcve.org/view.php?id=CVE-2012-0128
HP Onboard Administrator (OA) before 3.50 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. HP Onboard Administrator (OA) antes de v3.50 permite a atacantes remotos redirigir a los usuarios a sitios web de su elección y llevar a cabo ataques de phishing a través de vectores no especificados. • http://www.securityfocus.com/archive/1/522176 http://www.securityfocus.com/bid/52862 http://www.securitytracker.com/id?1026889 https://exchange.xforce.ibmcloud.com/vulnerabilities/74575 • CWE-20: Improper Input Validation •
CVSS: 7.6EPSS: 15%CPEs: 32EXPL: 0CVE-2012-0129
https://notcve.org/view.php?id=CVE-2012-0129
HP Onboard Administrator (OA) before 3.50 allows remote attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors. HP Onboard Administrator (OA) antes de v3.50 permite a atacantes remotos eludir restricciones de acceso y ejecutar código de su elección a través de vectores no especificados. • http://www.securityfocus.com/archive/1/522176 http://www.securityfocus.com/bid/52862 http://www.securitytracker.com/id?1026889 https://exchange.xforce.ibmcloud.com/vulnerabilities/74576 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2011-3155
https://notcve.org/view.php?id=CVE-2011-3155
Unspecified vulnerability in HP Onboard Administrator (OA) 3.21 through 3.31 allows remote attackers to bypass intended access restrictions via unknown vectors. Vulnerabilidad no especificada en HP Onboard Administrator (OA) v3.21 a v3.31 permite a atacantes remotos eludir restricciones de acceso previsto a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=131835356508182&w=2 http://securityreason.com/securityalert/8471 •