Lucene search
K

996 matches found

Nuclei
Nuclei
added 19 hours ago14 views

Pandora FMS <=7.0NG.722 - Remote Code Execution

Pandora FMS versions =7.0NG.722 are vulnerable to unauthenticated remote code execution by chaining an unrestricted file upload CVE-2018-11221 and a local file inclusion CVE-2018-11222. An attacker can upload a malicious PHP file as a plugin and execute it via LFI, leading to full compromise of t...

9.8CVSS7.8AI score0.06714EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.13 views

CVE-2026-34187

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via graph container parameter. This issue affects Pandora FMS: from 777 through 800...

9.8CVSS5.7AI score0.00274EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.8 views

CVE-2026-30810

Server-Side Request Forgery vulnerability allows Privilege Escalation via API Checker extension. This issue affects Pandora FMS: from 777 through 800...

8.8CVSS5.5AI score0.00302EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.7 views

CVE-2026-30805

Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS: from 777 through 800...

9.1CVSS5.5AI score0.00341EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.12 views

CVE-2026-30807

Cross-Site Request Forgery vulnerability allows an attacker to perform unauthorized actions via crafted web page. This issue affects Pandora FMS: from 777 through 800...

8.8CVSS5.5AI score0.00144EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 6:30 p.m.13 views

EUVD-2026-29512

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via graph container parameter. This issue affects Pandora FMS: from 777 through 800...

7.6CVSS5.9AI score0.00274EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 6:30 p.m.13 views

EUVD-2026-29494

Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS: from 777 through 800...

9.1CVSS5.8AI score0.00341EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 6:30 p.m.11 views

EUVD-2026-29495

Cross-Site Request Forgery vulnerability allows an attacker to perform unauthorized actions via crafted web page. This issue affects Pandora FMS: from 777 through 800...

7.1CVSS5.8AI score0.00144EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 6:30 p.m.10 views

EUVD-2026-29496

Session Fixation vulnerability allows Session Hijacking via crafted session ID. This issue affects Pandora FMS: from 777 through 800...

7.6CVSS5.8AI score0.00267EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 6:30 p.m.13 views

EUVD-2026-29497

Server-Side Request Forgery vulnerability allows Privilege Escalation via API Checker extension. This issue affects Pandora FMS: from 777 through 800...

7.1CVSS5.8AI score0.00302EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 4:16 p.m.16 views

CVE-2026-34187

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via graph container parameter. This issue affects Pandora FMS: from 777 through 800...

9.8CVSS0.00274EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 4:16 p.m.10 views

CVE-2026-30810

Server-Side Request Forgery vulnerability allows Privilege Escalation via API Checker extension. This issue affects Pandora FMS: from 777 through 800...

8.8CVSS0.00302EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 4:16 p.m.14 views

CVE-2026-30807

Cross-Site Request Forgery vulnerability allows an attacker to perform unauthorized actions via crafted web page. This issue affects Pandora FMS: from 777 through 800...

8.8CVSS0.00144EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 4:16 p.m.13 views

CVE-2026-30808

Session Fixation vulnerability allows Session Hijacking via crafted session ID. This issue affects Pandora FMS: from 777 through 800...

8.1CVSS0.00267EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 4:16 p.m.32 views

CVE-2026-30805

Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS: from 777 through 800...

9.1CVSS0.00341EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 3:13 p.m.31 views

CVE-2026-34187

The CVE-2026-34187 vulnerability affects Pandora FMS, specifically versions 777 through 800. It is described as an improper neutralization of special elements used in an SQL command, enabling SQL Injection via a graph container parameter. According to the NVD metrics, the issue has a CVSS v3.1 ba...

9.8CVSS5.9AI score0.00274EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/12 3:13 p.m.8 views

CVE-2026-34187 SQL Injection in Graph Container Parameter

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via graph container parameter. This issue affects Pandora FMS: from 777 through 800...

7.6CVSS5.9AI score0.00274EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 3:13 p.m.60 views

CVE-2026-34187 SQL Injection in Graph Container Parameter

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via graph container parameter. This issue affects Pandora FMS: from 777 through 800...

7.6CVSS0.00274EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 3:12 p.m.11 views

CVE-2026-30810 Server-Side Request Forgery in API Checker leads to Privilege Escalation

Server-Side Request Forgery vulnerability allows Privilege Escalation via API Checker extension. This issue affects Pandora FMS: from 777 through 800...

7.1CVSS5.8AI score0.00302EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 3:12 p.m.23 views

CVE-2026-30810

Pandora FMS versions 777–800 have a Server-Side Request Forgery vulnerability that enables privilege escalation via the API Checker extension (CVE-2026-30810). The CVSSv4 base score is 7.1 (HIGH) with NETWORK vector, LOW attack complexity, and LOW privileges required. Documents confirm SSRF and p...

8.8CVSS5.8AI score0.00302EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder