Published: 19/10/2014 Updated: 09/10/2019

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in HP Operations Agent in HP Operations Manager (formerly OpenView Communications Broker) prior to 11.14 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
hp operations agent

#!/usr/bin/python # Exploit Title: HP Operations Agent / HP Communications Broker Remote XSS iFrame Injection # Date: 10/16/2014 # Exploit Author: Matt Schmidt (Syph0n) # Vendor Homepage: wwwhpcom # Version: HP Operations Manager/Operations Agent / OpenView Communications Broker < 1114 # Tested on: Windows 7, SunOS, RHEL Linux # CVE : CVE-201 ...

Nothing to see here - test repo

EXPLOITS CVE-2007-6483 SafeNet Sentinel Protection Server 70 < 74 / Sentinel Keys Server 103 < 104 - Directory Traversal CVE-2014-2647 HP Operations Agent - Cross-Site Scripting iFrame Injection

CWE-79 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04472444 http://www.exploit-db.com/exploits/35076 https://nvd.nist.gov https://github.com/syph0n/Exploits https://www.exploit-db.com/exploits/35076/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-2647

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect