Lucene search

K

Monitorix Security Vulnerabilities

cve
cve

CVE-2021-3325

Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation (i.e., an installation without a hosts_deny option). This issue occurred because a new access-control feature was introduced without considering that some exiting installations became unsafe, upon an.....

9.8CVSS

9.3AI Score

0.013EPSS

2021-01-27 07:15 PM
27
5
cve
cve

CVE-2013-7070

The handle_request function in lib/HTTPServer.pm in Monitorix before 3.3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the...

9.8CVSS

9.6AI Score

0.005EPSS

2019-12-31 08:15 PM
36
cve
cve

CVE-2013-7071

Cross-site scripting (XSS) vulnerability in the handle_request function in lib/HTTPServer.pm in Monitorix before 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the...

6.1CVSS

6.8AI Score

0.002EPSS

2019-12-31 08:15 PM
24
cve
cve

CVE-2018-7649

Monitorix before 3.10.1 allows XSS via CGI...

6.1CVSS

5.9AI Score

0.001EPSS

2018-08-02 05:29 PM
19