Ganglia 3.1.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by host_view.php and certain other...
6.3AI Score
0.003EPSS
ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php cs...
6.1CVSS
5.9AI Score
0.001EPSS
ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php ce...
6.1CVSS
5.8AI Score
0.001EPSS
9.8CVSS
9.2AI Score
0.007EPSS
Cross-site scripting (XSS) vulnerability in views_view.php in Ganglia Web 3.5.7 allows remote attackers to inject arbitrary web script or HTML via the view_name...
5.8AI Score
0.003EPSS
Cross-site scripting (XSS) vulnerability in header.php in Ganglia Web 3.5.8 and 3.5.10 allows remote attackers to inject arbitrary web script or HTML via the host_regex parameter to the default URI, which is processed by...
5.6AI Score
0.003EPSS
Multiple cross-site scripting (XSS) vulnerabilities in Ganglia Web before 3.5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified...
5.8AI Score
0.003EPSS
Unspecified vulnerability in Ganglia Web before 3.5.1 allows remote attackers to execute arbitrary PHP code via unknown attack...
7.4AI Score
0.215EPSS
Stack-based buffer overflow in the process_path function in gmetad/server.c in Ganglia 3.1.1 allows remote attackers to cause a denial of service (crash) via a request to the gmetad service with a long...
6.8AI Score
0.731EPSS
Multiple cross-site scripting (XSS) vulnerabilities in ganglia-web in Ganglia before 3.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) c and (2) h parameters to (a) web/host_gmetrics.php; the (3) G, (4) me, (5) x, (6) n, (7) v, (8) l, (9) vl, and (10) st parameters to....
5.8AI Score
0.003EPSS