Loading
Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo Operations Manager before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the xml_path parameter.
Use CWE-22, Vmturbo vendor hub and Operations Manager product page to widen CVE-2014-3806 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2014-5073 for nearby disclosures in the same product family.