VYPR

Operations Manager

by Vmturbo

CVEs (3)

  • CVE-2014-5073Aug 29, 2014
    risk 0.09cvss epss 0.73

    vmtadmin.cgi in VMTurbo Operations Manager before 4.6 build 28657 allows remote attackers to execute arbitrary commands via shell metacharacters in the fileDate parameter in a DOWN call.

  • CVE-2009-3843Nov 24, 2009
    risk 0.09cvss epss 0.79

    HP Operations Manager 8.10 on Windows contains a "hidden account" in the XML file that specifies Tomcat users, which allows remote attackers to conduct unrestricted file upload attacks, and thereby execute arbitrary code, by using the org.apache.catalina.manager.HTMLManagerServle…

  • CVE-2014-3806May 21, 2014
    risk 0.04cvss epss 0.08

    Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo Operations Manager before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the xml_path parameter.