Vmturbo : Security Vulnerabilities, CVEs,
Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo Operations Manager before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the xml_path parameter.
Max CVSS
5.0
EPSS Score
9.06%
Published
2014-05-21
Updated
2018-10-09
CVE-2014-5073
Public exploit
vmtadmin.cgi in VMTurbo Operations Manager before 4.6 build 28657 allows remote attackers to execute arbitrary commands via shell metacharacters in the fileDate parameter in a DOWN call.
Max CVSS
7.5
EPSS Score
91.57%
Published
2014-08-29
Updated
2017-08-29
2 vulnerabilities found