Lucene search
K

1064 matches found

Nuclei
Nuclei
added yesterday58 views

myfactory FMS - Cross-Site Scripting

myfactory.FMS before 7.1-912 allows cross-site scripting via the Error parameter. id: CVE-2021-42566 info: name: myfactory FMS - Cross-Site Scripting author: madrobot,daffainfo severity: medium description: | myfactory.FMS before 7.1-912 allows cross-site scripting via the Error parameter. impact...

6.1CVSS6.4AI score0.05832EPSS
Exploits3References2
Nuclei
Nuclei
added yesterday18 views

Pandora FMS <=7.0NG.722 - Remote Code Execution

Pandora FMS versions =7.0NG.722 are vulnerable to unauthenticated remote code execution by chaining an unrestricted file upload CVE-2018-11221 and a local file inclusion CVE-2018-11222. An attacker can upload a malicious PHP file as a plugin and execute it via LFI, leading to full compromise of t...

9.8CVSS7.4AI score0.06714EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday73 views

myfactory FMS - Cross-Site Scripting

myfactory.FMS before 7.1-912 allows cross-site scripting via the UID parameter. id: CVE-2021-42565 info: name: myfactory FMS - Cross-Site Scripting author: madrobot,daffainfo severity: medium description: | myfactory.FMS before 7.1-912 allows cross-site scripting via the UID parameter. impact: |...

6.1CVSS6.4AI score0.05832EPSS
Exploits3References3
Nuclei
Nuclei
added 2026/07/03 1:39 p.m.23 views

Pandora v7.0NG.777.3 - Remote Code Execution

Arbitrary commands execution on the server by exploiting a command injection vulnerability in the LDAP authentication mechanism.This issue affects Pandora FMS- from 700 through =777.4 id: CVE-2024-11320 info: name: Pandora v7.0NG.777.3 - Remote Code Execution author: DhiyaneshDK,Shubham...

9.8CVSS7.3AI score0.9123EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.16 views

CVE-2026-34187

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via graph container parameter. This issue affects Pandora FMS: from 777 through 800...

9.8CVSS5.7AI score0.00274EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.9 views

CVE-2026-30810

Server-Side Request Forgery vulnerability allows Privilege Escalation via API Checker extension. This issue affects Pandora FMS: from 777 through 800...

8.8CVSS5.5AI score0.00302EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.13 views

CVE-2026-30807

Cross-Site Request Forgery vulnerability allows an attacker to perform unauthorized actions via crafted web page. This issue affects Pandora FMS: from 777 through 800...

8.8CVSS5.5AI score0.00144EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.9 views

CVE-2026-30805

Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS: from 777 through 800...

9.1CVSS5.5AI score0.00341EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 6:30 p.m.13 views

EUVD-2026-29512

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via graph container parameter. This issue affects Pandora FMS: from 777 through 800...

7.6CVSS5.9AI score0.00274EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 6:30 p.m.14 views

EUVD-2026-29497

Server-Side Request Forgery vulnerability allows Privilege Escalation via API Checker extension. This issue affects Pandora FMS: from 777 through 800...

7.1CVSS5.8AI score0.00302EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 6:30 p.m.16 views

EUVD-2026-29494

Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS: from 777 through 800...

9.1CVSS5.8AI score0.00341EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 6:30 p.m.11 views

EUVD-2026-29495

Cross-Site Request Forgery vulnerability allows an attacker to perform unauthorized actions via crafted web page. This issue affects Pandora FMS: from 777 through 800...

7.1CVSS5.8AI score0.00144EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 6:30 p.m.12 views

EUVD-2026-29496

Session Fixation vulnerability allows Session Hijacking via crafted session ID. This issue affects Pandora FMS: from 777 through 800...

7.6CVSS5.8AI score0.00267EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 4:16 p.m.16 views

CVE-2026-34187

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via graph container parameter. This issue affects Pandora FMS: from 777 through 800...

9.8CVSS0.00274EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 4:16 p.m.13 views

CVE-2026-30810

Server-Side Request Forgery vulnerability allows Privilege Escalation via API Checker extension. This issue affects Pandora FMS: from 777 through 800...

8.8CVSS0.00302EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 4:16 p.m.15 views

CVE-2026-30808

Session Fixation vulnerability allows Session Hijacking via crafted session ID. This issue affects Pandora FMS: from 777 through 800...

8.1CVSS0.00267EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 4:16 p.m.16 views

CVE-2026-30807

Cross-Site Request Forgery vulnerability allows an attacker to perform unauthorized actions via crafted web page. This issue affects Pandora FMS: from 777 through 800...

8.8CVSS0.00144EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 4:16 p.m.35 views

CVE-2026-30805

Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS: from 777 through 800...

9.1CVSS0.00341EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 3:13 p.m.62 views

CVE-2026-34187 SQL Injection in Graph Container Parameter

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via graph container parameter. This issue affects Pandora FMS: from 777 through 800...

7.6CVSS0.00274EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 3:13 p.m.32 views

CVE-2026-34187

The CVE-2026-34187 vulnerability affects Pandora FMS, specifically versions 777 through 800. It is described as an improper neutralization of special elements used in an SQL command, enabling SQL Injection via a graph container parameter. According to the NVD metrics, the issue has a CVSS v3.1 ba...

9.8CVSS5.9AI score0.00274EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder