CVE-2011-1597
- EPSS 1.86%
- Published 06.02.2020 00:15:09
- Last modified 21.11.2024 01:26:40
OpenVAS Manager v2.0.3 allows plugin remote code execution.
CVE-2014-9220
- EPSS 0.44%
- Published 03.12.2014 01:59:02
- Last modified 12.04.2025 10:46:40
SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x before 5.0.7 allows remote attackers to execute arbitrary SQL commands via the timezone parameter in a modify_schedule OMP command.
CVE-2013-6765
- EPSS 4.88%
- Published 19.05.2014 14:55:09
- Last modified 12.04.2025 10:46:40
OpenVAS Manager 3.0 before 3.0.7 and 4.0 before 4.0.4 allows remote attackers to bypass the OMP authentication restrictions and execute OMP commands via a crafted OMP request for version information, which causes the state to be set to CLIENT_AUTHENT...
CVE-2012-5520
- EPSS 2.13%
- Published 26.11.2012 12:45:22
- Last modified 11.04.2025 00:51:21
The send_to_sourcefire function in manage_sql.c in OpenVAS Manager 3.x before 3.0.4 allows remote attackers to execute arbitrary commands via the (1) IP address or (2) port number field in an OMP request.
- EPSS 9.73%
- Published 28.01.2011 16:00:02
- Last modified 11.04.2025 00:51:21
The email function in manage_sql.c in OpenVAS Manager 1.0.x through 1.0.3 and 2.0.x through 2.0rc2 allows remote authenticated users to execute arbitrary commands via the (1) To or (2) From e-mail address in an OMP request to the Greenbone Security A...