4 matches found
Pandora FMS <=7.0NG.722 - Remote Code Execution
Pandora FMS versions =7.0NG.722 are vulnerable to unauthenticated remote code execution by chaining an unrestricted file upload CVE-2018-11221 and a local file inclusion CVE-2018-11222. An attacker can upload a malicious PHP file as a plugin and execute it via LFI, leading to full compromise of t...
CVE-2018-11222
creationtimestamp| type| source ---|---|--- 2024-11-07 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-11-07 2024-12-23 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2024-12-23 2025-01-12 00:00:00+00:00| seen| The Shadowserver...
CVE-2018-11222
Local File Inclusion LFI in Artica Pandora FMS through version 7.23 allows an attacker to call any php file via the /pandoraconsole/ajax.php ajax endpoint...
CVE-2018-11222
Pandora FMS