Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2018-18250

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Icinga Web 2 before 2.6.2 allows parameters that break navigation dashlets, as demonstrated by a single '$' character as the Name of a Navigation item...

7.5CVSS7.1AI score0.00995EPSS
Exploits1References2
NVD
NVD
added 2024/04/15 6:15 p.m.14 views

CVE-2023-47622

iTop is an IT service management platform. When dashlet are refreshed, XSS attacks are possible. This vulnerability is fixed in 3.0.4 and 3.1.1...

8.8CVSS8.3AI score0.00439EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/03/29 12:0 a.m.6 views

PT-2024-13462 · Itop +1 · Itop +1

Name of the Vulnerable Software and Affected Versions: iTop versions prior to 3.0.4 iTop versions prior to 3.1.1 Description: iTop is an IT service management platform. When dashlets are refreshed, XSS attacks are possible. Recommendations: For versions prior to 3.0.4, update to version 3.0.4 or...

9.8CVSS6.8AI score0.25573EPSS
Exploits11References69
SUSE CVE
SUSE CVE
added 2023/02/15 4:23 a.m.4 views

SUSE CVE-2018-18250

Icinga Web 2 before 2.6.2 allows parameters that break navigation dashlets, as demonstrated by a single '$' character as the Name of a Navigation item...

7.5CVSS7.7AI score0.00995EPSS
Exploits1References4
OSV
OSV
added 2021/10/26 11:15 a.m.3 views

CVE-2021-40345

An issue was discovered in Nagios XI 5.8.5. In the Manage Dashlets section of the Admin panel, an administrator can upload ZIP files. A command injection within the name of the first file in the archive allows an attacker to execute system commands...

7.2CVSS5.9AI score0.23044EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/10/26 12:0 a.m.4 views

Nagios XI 命令注入漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. Nagios XI 5.8.5 suffers from a security vulnerability that originates in the Manage Dashlets section of the...

9CVSS7.3AI score0.23044EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2021/10/26 12:0 a.m.5 views

PT-2021-22866 · Nagios Xi · Nagios Xi

Name of the Vulnerable Software and Affected Versions: Nagios XI version 5.8.5 Description: An issue was discovered in the Manage Dashlets section of the Admin panel, where an administrator can upload ZIP files. A command injection, within the name of the first file in the archive, allows an...

9CVSS7.1AI score0.23044EPSS
Exploits1References8
CVE
CVE
added 2021/10/26 12:0 a.m.68 views

CVE-2021-40345

CVE-2021-40345 affects Nagios XI 5.8.5. In the Admin panel’s Manage Dashlets, an administrator-uploaded ZIP can trigger a command injection via the name of the first file in the archive, enabling execution of system commands. Several sources document authenticated command-injection abuse (includi...

9CVSS7.3AI score0.23044EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2018/12/17 3:29 p.m.14 views

Code injection

Icinga Web 2 before 2.6.2 allows parameters that break navigation dashlets, as demonstrated by a single '$' character as the Name of a Navigation item...

5CVSS7.5AI score0.00995EPSS
Exploits1References2Affected Software1
UbuntuCve
UbuntuCve
added 2018/12/17 3:29 p.m.17 views

CVE-2018-18250

Icinga Web 2 before 2.6.2 allows parameters that break navigation dashlets, as demonstrated by a single '$' character as the Name of a Navigation item...

7.5CVSS7.1AI score0.00995EPSS
Exploits1References2
OSV
OSV
added 2018/12/17 3:29 p.m.6 views

UBUNTU-CVE-2018-18250

Icinga Web 2 before 2.6.2 allows parameters that break navigation dashlets, as demonstrated by a single '$' character as the Name of a Navigation item...

7.5CVSS7.1AI score0.00995EPSS
Exploits1References3
OSV
OSV
added 2018/12/17 3:29 p.m.1 views

DEBIAN-CVE-2018-18250

Icinga Web 2 before 2.6.2 allows parameters that break navigation dashlets, as demonstrated by a single '$' character as the Name of a Navigation item...

7.5CVSS6.8AI score0.00995EPSS
Exploits1References1
CVE
CVE
added 2018/12/17 3:0 p.m.120 views

CVE-2018-18250

CVE-2018-18250 affects Icinga Web 2 prior to version 2.6.2, where crafted navigation item names (notably a single '$') can break navigation dashlets. The issue is documented across multiple sources tied to Icinga Web 2, including openSUSE/SUSE advisories and OSS/OSS-related bulletins, indicating ...

7.5CVSS7.8AI score0.00995EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder