4 matches found
CVE-2023-24515
creationtimestamp| type| source ---|---|--- 2023-08-22 22:18:01+00:00| seen| https://t.me/cibsecurity/68959...
CVE-2023-24515 Server side request forgery in api checker
Server-Side Request Forgery SSRF vulnerability in API checker of Pandora FMS. Application does not have a check on the URL scheme used while retrieving API URL. Rather than validating the http/https scheme, the application allows other scheme such as file, which could allow a malicious user to...
CVE-2023-24515
The CVE-2023-24515 entry describes a Server-Side Request Forgery (SSRF) vulnerability in the API checker of Pandora FMS. The root cause is that the application does not validate the URL scheme when retrieving the API URL, allowing schemes such as file in addition to http/https. This could enable ...
CVE-2023-24515 Server side request forgery in api checker
Server-Side Request Forgery SSRF vulnerability in API checker of Pandora FMS. Application does not have a check on the URL scheme used while retrieving API URL. Rather than validating the http/https scheme, the application allows other scheme such as file, which could allow a malicious user to...