mirror of
https://github.com/0xMarcio/cve.git
synced 2026-06-02 07:51:39 +02:00
0xMarcio
903 B
903 B
CVE-2009-4188
Description
HP Operations Dashboard has a default password of j2deployer for the j2deployer account, which allows remote attackers to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servlet container. NOTE: this might overlap CVE-2009-3098.
POC
Reference
No PoCs from references.