VYPR

Management Console

by Avira

CVEs (10)

  • CVE-2014-125118CriJul 25, 2025
    risk 0.69cvss epss 0.03

    A command injection vulnerability exists in the eScan Web Management Console version 5.5-2. The application fails to properly sanitize the 'pass' parameter when processing login requests to login.php, allowing an authenticated attacker with a valid username to inject arbitrary…

  • CVE-2025-69828CriJan 22, 2026
    risk 0.65cvss 10.0epss 0.00

    File Upload vulnerability in TMS Global Software TMS Management Console v.6.3.7.27386.20250818 allows a remote attacker to execute arbitrary code via the Logo upload in /Customer/AddEdit

  • CVE-2026-27914HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.03

    Improper access control in Microsoft Management Console allows an authorized attacker to elevate privileges locally.

  • CVE-2015-7303Sep 21, 2015
    risk 0.03cvss epss 0.35

    Use-after-free vulnerability in the Update Manager service in Avira Management Console allows remote attackers to execute arbitrary code via a large header.

  • CVE-2025-69612Jan 22, 2026
    risk 0.00cvss epss 0.01

    A path traversal vulnerability exists in TMS Management Console (version 6.3.7.27386.20250818) from TMS Global Software. The "Download Template" function in the profile dashboard does not neutralize directory traversal sequences (../) in the filePath parameter, allowing…

  • CVE-2020-36909Jan 6, 2026
    risk 0.00cvss epss 0.01

    SnapGear Management Console SG560 3.1.5 contains a file manipulation vulnerability that allows authenticated users to read, write, and delete files using the edit_config_files CGI script. Attackers can manipulate POST request parameters in /cgi-bin/cgix/edit_config_files to…

  • CVE-2020-36908Jan 6, 2026
    risk 0.00cvss epss 0.00

    SnapGear Management Console SG560 version 3.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft a malicious web page that automatically submits a form to create a new super user…

  • CVE-2020-13183Aug 17, 2020
    risk 0.00cvss epss 0.01

    Reflected Cross Site Scripting in Teradici PCoIP Management Console prior to 20.07 could allow an attacker to take over the user's active session if the user is exposed to a malicious payload.

  • CVE-2020-13174Aug 11, 2020
    risk 0.00cvss epss 0.01

    The web server in the Teradici Managament console versions 20.04 and 20.01.1 did not properly set the X-Frame-Options HTTP header, which could allow an attacker to trick a user into clicking a malicious link via clickjacking.

  • CVE-2020-10965Mar 25, 2020
    risk 0.00cvss epss 0.01

    Teradici PCoIP Management Console 20.01.0 and 19.11.1 is vulnerable to unauthenticated password resets via login/resetadminpassword of the default admin account. This vulnerability only exists when the default admin account is not disabled. It is fixed in 20.01.1 and 19.11.2.