EUVD-2012-0300

Malware in sbrugna...

VulnCheck KEV: CVE-2012-0262

op5config/welcome in system-op5config before 2.0.3 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter...

CVE-2012-0262

op5config/welcome in system-op5config before 2.0.3 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter...

CVE-2012-0263

monitor/index.php in op5 Monitor and op5 Appliance before 5.5.1 allows remote authenticated users to obtain sensitive information such as database and user credentials via error messages that are triggered by 1 a malformed hoststatustypes parameter to status/service/all or 2 a crafted request to...

Code injection

op5config/welcome in system-op5config before 2.0.3 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter...

Design/Logic Flaw

op5 Monitor and op5 Appliance before 5.5.0 do not properly manage session cookies, which allows remote attackers to have an unspecified impact via unspecified vectors...

CVE-2012-0261

CVE-2012-0261 affects OP5 Monitor and OP5 Appliance: the license.php script in system-portal is vulnerable to remote command execution through shell metacharacters in the timestamp parameter of an install action. The validated root cause is improper input validation in license.php, leading to arb...

CVE-2012-0262

CVE-2012-0262 affects OP5 Monitor and OP5 Appliance prior to version 5.5.3. The vulnerability arises on the welcome page (op5config/welcome) where remote, unauthenticated attackers can cause arbitrary command execution by submitting shell metacharacters in the password parameter. Impact is remote...