869 matches found
CVE-2014-2607
Unspecified vulnerability in HP Operations Manager i 9.1 through 9.13 and 9.2 through 9.24 allows remote authenticated users to execute arbitrary code by leveraging the OMi operator role...
CVE-2014-2607
Unspecified vulnerability in HP Operations Manager i 9.1 through 9.13 and 9.2 through 9.24 allows remote authenticated users to execute arbitrary code by leveraging the OMi operator role...
Code injection
Unspecified vulnerability in HP Operations Manager i 9.1 through 9.13 and 9.2 through 9.24 allows remote authenticated users to execute arbitrary code by leveraging the OMi operator role...
CVE-2014-2607
HP Operations Manager i (OMi) versions 9.1 and 9.2 are affected by a code-execution vulnerability exploitable by an authenticated OMi operator. The HP security bulletin (HPSBMU03042) lists Linux and Windows as impacted and provides patches/patch levels: OMi v9.2 service pack 9.2x (Linux/Windows) ...
CVE-2014-2607
Unspecified vulnerability in HP Operations Manager i 9.1 through 9.13 and 9.2 through 9.24 allows remote authenticated users to execute arbitrary code by leveraging the OMi operator role...
CVE-2014-3806
Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo Operations Manager before 4.6 allows remote attackers to read arbitrary files via a .. dot dot in the xmlpath parameter...
Directory traversal
Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo Operations Manager before 4.6 allows remote attackers to read arbitrary files via a .. dot dot in the xmlpath parameter...
CVE-2014-3806
Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo Operations Manager before 4.6 allows remote attackers to read arbitrary files via a .. dot dot in the xmlpath parameter...
CVE-2014-3806
Summary: CVE-2014-3806 is a directory traversal vulnerability in VMTurbo Operations Manager prior to 4.6. The issue occurs in the CGI path cgi-bin/help/doIt.cgi via the xml_path parameter, where a leading dot-dot (..) can be used to read arbitrary files. The vulnerability is remote and affects th...
VM Turbo Operations Manager 4.5x - Directory Traversal
Exploit for cgi platform in category web applications Product: VM Turbo Operations Manager Vendor: VM Turbo Vulnerable Versions: 4.5.x earlier Tested Version: 4.0 Advisory Publication: April 11, 2014 Vendor Notification: April 11, 2014 Public Disclosure: May 8, 2014 Vulnerability Type: Directory...
VM Turbo Operations Manager 4.5x - Directory Traversal
VM Turbo Operations Manager 4.5x - Directory Traversal Product: VM Turbo Operations Manager Vendor: VM Turbo Vulnerable Versions: 4.5.x earlier Tested Version: 4.0 Advisory Publication: April 11, 2014 Vendor Notification: April 11, 2014 Public Disclosure: May 8, 2014 Vulnerability Type: Directory...
VM Turbo Operations Manager 4.5x - Directory Traversal
Product: VM Turbo Operations Manager Vendor: VM Turbo Vulnerable Versions: 4.5.x earlier Tested Version: 4.0 Advisory Publication: April 11, 2014 Vendor Notification: April 11, 2014 Public Disclosure: May 8, 2014 Vulnerability Type: Directory Traversal Discovered and Provided: Jamal Pecou Securit...
Directory Traversal Vulnerability in VMTurbo Operations Manager 4.5 or earlier
Product: VM Turbo Operations Manager Vendor: VM Turbo Vulnerable Versions: 4.5.x earlier Tested Version: 4.0 Advisory Publication: April 11, 2014 Vendor Notification: April 11, 2014 Public Disclosure: May 8, 2014 Vulnerability Type: Directory Traversal Discovered and Provided: Jamal Pecou Securit...
VM Turbo Operations Manager 4.5.x Directory Traversal
Product: VM Turbo Operations Manager Vendor: VM Turbo Vulnerable Versions: 4.5.x earlier Tested Version: 4.0 Advisory Publication: April 11, 2014 Vendor Notification: April 11, 2014 Public Disclosure: May 8, 2014 Vulnerability Type: Directory Traversal Discovered and Provided: Jamal Pecou Securit...
Apache Tomcat Manager - Application Upload (Authenticated) Code Execution (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 /Apache.Coyote|Tomcat/ CSRFVAR = 'CSRFNONCE=' include Msf::Exploit::Remote::HttpClient include Msf::Exploit::EXE def initializeinfo =...
Apache Tomcat Manager Code Execution Exploit
This Metasploit module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a POST request against the /manager/html/upload component. NOTE: The compatible payload sets var...
Apache Tomcat Manager Authenticated Upload Code Execution
This module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a POST request against the /manager/html/upload component. NOTE: The compatible payload sets vary based on...
Cisco Video Surveillance Operations Manager Unauthenticated Access to Camera Video Feeds Vulnerability
A vulnerability in the administrative web interface of the Cisco Video Surveillance Operations Manager could allow an unauthenticated, remote attacker to view camera video feeds. The vulnerability is due to incomplete enforcement of authentication requirements. An attacker could exploit this...
CVE-2013-3417
The CVE-2013-3417 issue affects Cisco Video Surveillance Operations Manager’s administrative web interface, where improper authentication allows unauthenticated remote access to video feeds via a crafted URL (Bug CSCtg72262). Affected component: the admin web UI; root cause: incomplete enforcemen...
VMware vCenter Operations Manager Arbitrary File Upload (VMSA-2012-0013)
The version of vCenter Operations Manager installed on the remote host is earlier than 5.0.3. It is, therefore, potentially affected by an arbitrary file upload vulnerability in the Apache Struts component. By exploiting this flaw, a remote, unauthenticated attacker could overwrite arbitrary file...