CVE-2025-61789

Icinga DB Web provides a graphical interface for Icinga monitoring. Before 1.1.4 and 1.2.3, an authorized user with access to Icinga DB Web, can use a custom variable in a filter that is either protected by icingadb/protect/variables or hidden by icingadb/denylist/variables, to guess values...

CVE-2025-61789 Icinga DB Web hidden/protected custom variables are prone to filter enumeration

Icinga DB Web provides a graphical interface for Icinga monitoring. Before 1.1.4 and 1.2.3, an authorized user with access to Icinga DB Web, can use a custom variable in a filter that is either protected by icingadb/protect/variables or hidden by icingadb/denylist/variables, to guess values...

CVE-2025-61789 Icinga DB Web hidden/protected custom variables are prone to filter enumeration

Icinga DB Web provides a graphical interface for Icinga monitoring. Before 1.1.4 and 1.2.3, an authorized user with access to Icinga DB Web, can use a custom variable in a filter that is either protected by icingadb/protect/variables or hidden by icingadb/denylist/variables, to guess values...

PT-2025-42499

Name of the Vulnerable Software and Affected Versions Icinga DB Web versions prior to 1.1.4 Icinga DB Web versions prior to 1.2.3 Description Icinga DB Web offers a graphical interface for Icinga monitoring. An authorized user with access to Icinga DB Web can utilize a custom variable within a...

Hidden/Protected custom variables are prone to filter enumeration

Icinga reports: An authorized user with access to Icinga DB Web, can use a custom variable in a filter that is either protected by icingadb/protect/variables or hidden by icingadb/denylist/variables, to guess values assigned to it...

EUVD-2022-29575

Malicious code in bioql PyPI...

CVE-2023-37132

A stored cross-site scripting XSS vulnerability in the custom variables module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2021-32747

Icinga Web 2 is an open source monitoring web interface, framework, and command-line interface. A vulnerability in which custom variables are exposed to unauthorized users exists between versions 2.0.0 and 2.8.2. Custom variables are user-defined keys and values on configuration objects in Icinga...

Linux Distros Unpatched Vulnerability : CVE-2021-32747

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Icinga Web 2 is an open source monitoring web interface, framework, and command-line interface. A vulnerability in which custom variables are exposed to...

CVE-2023-37132

A stored cross-site scripting XSS vulnerability in the custom variables module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2023-37132

A stored cross-site scripting XSS vulnerability in the custom variables module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2023-37132

A stored cross-site scripting XSS vulnerability in the custom variables module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

PT-2023-25794 · Eyoucms · Eyoucms

Name of the Vulnerable Software and Affected Versions: eyoucms version 1.6.3 Description: A stored cross-site scripting XSS issue in the custom variables module allows attackers to execute arbitrary web scripts or HTML via a crafted payload. This could potentially lead to the execution of malicio...

EyouCms 跨站脚本漏洞

Zanzan Network Technology EyouCms Eyou CMS is an open source content management system CMS based on ThinkPHP by China Zanzan Network Technology. A cross-site scripting vulnerability exists in EyouCms v1.6.3, which stems from a stored cross-site scripting XSS vulnerability in the custom variables...

SUSE CVE-2021-32747

Icinga Web 2 is an open source monitoring web interface, framework, and command-line interface. A vulnerability in which custom variables are exposed to unauthorized users exists between versions 2.0.0 and 2.8.2. Custom variables are user-defined keys and values on configuration objects in Icinga...

CVE-2021-32747

Icinga Web 2 is an open source monitoring web interface, framework, and command-line interface. A vulnerability in which custom variables are exposed to unauthorized users exists between versions 2.0.0 and 2.8.2. Custom variables are user-defined keys and values on configuration objects in Icinga...

DEBIAN-CVE-2021-32747

Icinga Web 2 is an open source monitoring web interface, framework, and command-line interface. A vulnerability in which custom variables are exposed to unauthorized users exists between versions 2.0.0 and 2.8.2. Custom variables are user-defined keys and values on configuration objects in Icinga...

CVE-2021-32747

Icinga Web 2 is an open source monitoring web interface, framework, and command-line interface. A vulnerability in which custom variables are exposed to unauthorized users exists between versions 2.0.0 and 2.8.2. Custom variables are user-defined keys and values on configuration objects in Icinga...

CVE-2021-32747

Icinga Web 2 is an open source monitoring web interface, framework, and command-line interface. A vulnerability in which custom variables are exposed to unauthorized users exists between versions 2.0.0 and 2.8.2. Custom variables are user-defined keys and values on configuration objects in Icinga...

Design/Logic Flaw

Icinga Web 2 is an open source monitoring web interface, framework, and command-line interface. A vulnerability in which custom variables are exposed to unauthorized users exists between versions 2.0.0 and 2.8.2. Custom variables are user-defined keys and values on configuration objects in Icinga...