Lucene search
+L

13 matches found

Cvelist
Cvelist
added 2014/08/29 5:0 p.m.24 views

CVE-2014-5073

vmtadmin.cgi in VMTurbo Operations Manager before 4.6 build 28657 allows remote attackers to execute arbitrary commands via shell metacharacters in the fileDate parameter in a DOWN call...

7.5AI score0.7345EPSS
Exploits6References8
CVE
CVE
added 2014/08/29 5:0 p.m.43 views

CVE-2014-5073

CVE-2014-5073 affects VMTurbo Operations Manager (vmtadmin.cgi) prior to 4.6 build 28657. The vulnerability allows remote command execution via shell metacharacters in the fileDate parameter of a DOWN call, enabling arbitrary commands. Connected sources indicate public exploitation/public PoCs an...

7.5CVSS7.8AI score0.7345EPSS
Exploits6References8Affected Software1
NVD
NVD
added 2014/08/29 4:55 p.m.13 views

CVE-2014-5073

vmtadmin.cgi in VMTurbo Operations Manager before 4.6 build 28657 allows remote attackers to execute arbitrary commands via shell metacharacters in the fileDate parameter in a DOWN call...

7.5CVSS7.5AI score0.7345EPSS
Exploits6References8
Prion
Prion
added 2014/08/29 4:55 p.m.16 views

Code injection

vmtadmin.cgi in VMTurbo Operations Manager before 4.6 build 28657 allows remote attackers to execute arbitrary commands via shell metacharacters in the fileDate parameter in a DOWN call...

7.5CVSS8.2AI score0.7345EPSS
Exploits6References8Affected Software1
OpenVAS
OpenVAS
added 2014/08/18 12:0 a.m.19 views

VMTurbo Operations Manager '/cgi-bin/vmtadmin.cgi' RCE Vulnerability

VMTurbo Operations Manager is prone to a remote command execution RCE vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS6.7AI score0.7345EPSS
Exploits6References2
Packet Storm
Packet Storm
added 2014/08/14 12:0 a.m.26 views

VMTurbo Operations Manager 4.6 vmtadmin.cgi Remote Command Execution

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'VMTurbo Operations Manager 4.6 vmtadmin.cgi Remote Command Execution', 'Description' = %q VMTurbo Operations Manager 4.6 and prior ar...

7.5CVSS0.9AI score0.7345EPSS
Exploits6
0day.today
0day.today
added 2014/08/14 12:0 a.m.33 views

VMTurbo Operations Manager 4.6 vmtadmin.cgi Remote Command Execution

VMTurbo Operations Manager 4.6 and prior are vulnerable to unauthenticated OS Command injection in the web interface. Use reverse payloads for the most reliable results. Since it is a blind OS command injection vulnerability, there is no output for the executed command when using the cmd generic...

7.5CVSS7.2AI score0.7345EPSS
Exploits6
Exploit DB
Exploit DB
added 2014/08/14 12:0 a.m.31 views

VMTurbo Operations Manager 4.6 - 'vmtadmin.cgi' Remote Command Execution (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'VMTurbo Operations Manager 4.6 vmtadmin.cgi Remote Command Execution', 'Description' = %q VMTurbo Operations Manager 4.6 and prior ar...

7.5CVSS7.4AI score0.7345EPSS
Exploits6
Metasploit
Metasploit
added 2014/08/11 2:57 p.m.68 views

VMTurbo Operations Manager vmtadmin.cgi Remote Command Execution

VMTurbo Operations Manager 4.6 and prior are vulnerable to unauthenticated OS Command injection in the web interface. Use reverse payloads for the most reliable results. Since it is a blind OS command injection vulnerability, there is no output for the executed command when using the cmd generic...

7.5CVSS7.7AI score0.7345EPSS
Exploits6
NVD
NVD
added 2014/05/21 2:55 p.m.13 views

CVE-2014-3806

Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo Operations Manager before 4.6 allows remote attackers to read arbitrary files via a .. dot dot in the xmlpath parameter...

5CVSS6.6AI score0.07651EPSS
Exploits1References5
Prion
Prion
added 2014/05/21 2:55 p.m.14 views

Directory traversal

Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo Operations Manager before 4.6 allows remote attackers to read arbitrary files via a .. dot dot in the xmlpath parameter...

5CVSS7.1AI score0.07651EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2014/05/21 2:0 p.m.18 views

CVE-2014-3806

Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo Operations Manager before 4.6 allows remote attackers to read arbitrary files via a .. dot dot in the xmlpath parameter...

6.6AI score0.07651EPSS
Exploits1References5
CVE
CVE
added 2014/05/21 2:0 p.m.48 views

CVE-2014-3806

Summary: CVE-2014-3806 is a directory traversal vulnerability in VMTurbo Operations Manager prior to 4.6. The issue occurs in the CGI path cgi-bin/help/doIt.cgi via the xml_path parameter, where a leading dot-dot (..) can be used to read arbitrary files. The vulnerability is remote and affects th...

5CVSS6.8AI score0.07651EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder