Op5: >> Monitor >> 5.4.2 Security Vulnerabilities
Unspecified vulnerability in op5 Monitor before 6.1.3 allows attackers to read arbitrary files via unknown vectors related to lack of authorization.
CVSS Score
5.0
EPSS Score
0.003
Published
2014-01-29
op5config/welcome in system-op5config before 2.0.3 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter.
CVSS Score
10.0
EPSS Score
0.911
Published
2013-12-31
monitor/index.php in op5 Monitor and op5 Appliance before 5.5.1 allows remote authenticated users to obtain sensitive information such as database and user credentials via error messages that are triggered by (1) a malformed hoststatustypes parameter to status/service/all or (2) a crafted request to config.
CVSS Score
4.0
EPSS Score
0.005
Published
2013-12-31
op5 Monitor and op5 Appliance before 5.5.0 do not properly manage session cookies, which allows remote attackers to have an unspecified impact via unspecified vectors.
CVSS Score
10.0
EPSS Score
0.044
Published
2013-12-31
license.php in system-portal before 1.6.2 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the timestamp parameter for an install action.
CVSS Score
10.0
EPSS Score
0.865
Published
2013-12-31