Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2010-4279
HistoryDec 02, 2010 - 5:00 p.m.

CVE-2010-4279

2010-12-0217:00:00
mitre
www.cve.org
6

AI Score

6.8

Confidence

Low

EPSS

0.964

Percentile

99.6%

JSON

The default configuration of Pandora FMS 3.1 and earlier specifies an empty string for the loginhash_pwd field, which allows remote attackers to bypass authentication by sending a request to index.php with “admin” in the loginhash_user parameter, in conjunction with the md5 hash of “admin” in the loginhash_data parameter.

Related

nessus 1
exploitpack 1
metasploit 1
exploitdb 2
prion 1
cve 1
nvd 1
seebug 1
packetstorm 2
zdt 2
securityvulns 2
openvas 2
nessus
nessus
Pandora FMS Console Authentication Bypass
2010-12-01 00:00:00
exploitpack
exploitpack
Pandora FMS 3.1 - Authentication Bypass
2010-11-30 00:00:00
metasploit
metasploit
Pandora FMS v3.1 Auth Bypass and Arbitrary File Upload Vulnerability
2013-12-03 13:23:56
exploitdb
exploitdb
Pandora FMS 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit)
2015-01-08 00:00:00
Pandora FMS 3.1 - Authentication Bypass
2010-11-30 00:00:00
prion
prion
Authentication flaw
2010-12-02 17:15:00
cve
cve
CVE-2010-4279
2010-12-02 17:15:00
nvd
nvd
CVE-2010-4279
2010-12-02 17:15:00
seebug
seebug
Pandora FMS <= 3.1 Authentication Bypass
2014-07-01 00:00:00
packetstorm
packetstorm
Pandora 3.1 Auth Bypass / Arbitrary File Upload
2015-01-07 00:00:00
Pandora FMS Command Injection / SQL Injection / Path Traversal
2010-12-01 00:00:00
zdt
zdt
Pandora 3.1 Auth Bypass / Arbitrary File Upload Vulnerabilities
2015-01-07 00:00:00
Pandora FMS <= 3.1 Mullti Vulnerability
2010-12-01 00:00:00
securityvulns
securityvulns
Pandora FMS Authentication Bypass and Multiple Input Validation Vulnerabilities
2010-12-01 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2010-12-01 00:00:00
openvas
openvas
Pandora FMS <= 3.1 Multiple Input Validation Vulnerabilities - Active Check
2010-12-01 00:00:00
Pandora FMS Authentication Bypass And Multiple Input Validation Vulnerabilities
2010-12-01 00:00:00

AI Score

6.8

Confidence

Low

EPSS

0.964

Percentile

99.6%

JSON
Related for CVELIST:CVE-2010-4279
nessus1exploitpack1metasploit1exploitdb2prion1cve1nvd1seebug1packetstorm2zdt2securityvulns2openvas2