12 matches found
CVE-2020-10791
app/Plugin/GrafanaModule/Controller/GrafanaConfigurationController.php in openITCOCKPIT before 3.7.3 allows remote authenticated users to trigger outbound TCP requests aka SSRF via the Test Connection feature aka testGrafanaConnection of the Grafana Module...
EUVD-2020-3204
Malware in sbrugna...
EUVD-2023-48449
Malicious code in bioql PyPI...
The vulnerability of the Grafana module in the monitoring and IT environment management system Pandora FMS allows a perpetrator to gain unauthorized access to protected information and execute arbitrary SQL code.
The vulnerability of the Grafana module in the monitoring and management system for IT environments developed by Pandora FMS is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized...
CVE-2023-44090
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Pandora FMS on all allows CVE-2008-5817. This vulnerability allowed SQL changes to be made to several files in the Grafana module. This issue affects Pandora FMS: from 700 through 776...
CVE-2023-44090 UnautH SQL Injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Pandora FMS on all allows CVE-2008-5817. This vulnerability allowed SQL changes to be made to several files in the Grafana module. This issue affects Pandora FMS: from 700 through 776...
CVE-2023-44090 UnautH SQL Injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Pandora FMS on all allows CVE-2008-5817. This vulnerability allowed SQL changes to be made to several files in the Grafana module. This issue affects Pandora FMS: from 700 through 776...
Artica Pandora FMS SQL Injection Vulnerability
Artica Pandora FMS is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. An SQL injection vulnerability exists in Artica Pandora FMS versions 700 through 776, which arises from an improper...
PT-2024-2986 · Grafana +1 · Grafana +1
Name of the Vulnerable Software and Affected Versions: Pandora FMS versions 700 through 776 Description: The issue is related to an SQL Injection vulnerability, which allows for improper neutralization of special elements used in an SQL command. This vulnerability affects the Grafana module,...
It-novum OpenITCOCKPIT Code Issue Vulnerability
It-novum OpenITCOCKPIT is a set of open source system monitoring tools from Germany's It-novum. A code issue vulnerability exists in the app/Plugin/GrafanaModule/Controller/GrafanaConfigurationController.php file in It-novum openITCOCKPIT versions prior to 3.7.3. The vulnerability can be exploite...
CVE-2020-10791
app/Plugin/GrafanaModule/Controller/GrafanaConfigurationController.php in openITCOCKPIT before 3.7.3 allows remote authenticated users to trigger outbound TCP requests aka SSRF via the Test Connection feature aka testGrafanaConnection of the Grafana Module...
Design/Logic Flaw
app/Plugin/GrafanaModule/Controller/GrafanaConfigurationController.php in openITCOCKPIT before 3.7.3 allows remote authenticated users to trigger outbound TCP requests aka SSRF via the Test Connection feature aka testGrafanaConnection of the Grafana Module...