Lucene search
+L

52 matches found

Vulnrichment
Vulnrichment
added 2025/10/30 9:52 p.m.2 views

CVE-2023-7315 Nagios XI < 5.11.3 XSS via Graph Explorer

Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting XSS via the Graph Explorer component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

5.1CVSS5.8AI score0.00468EPSS
Exploits0References3
CVE
CVE
added 2025/10/30 9:52 p.m.15 views

CVE-2023-7315

Nagios XI prior to version 5.11.3 is affected by a cross-site scripting (XSS) vulnerability in the Graph Explorer component. The root cause is insufficient validation or escaping of user-supplied input, enabling an attacker to inject and execute arbitrary script in a victim’s browser. Supported b...

5.4CVSS5.8AI score0.00468EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/10/30 12:0 a.m.6 views

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 5.11.3, which stems from a Graph Explorer...

5.4CVSS6.1AI score0.00468EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/10/30 12:0 a.m.3 views

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2024R1, which stems from insufficient...

5.4CVSS5.9AI score0.00535EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/30 12:0 a.m.4 views

PT-2025-44554

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 5.11.3 Description The software is susceptible to cross-site scripting XSS through the Graph Explorer component. Insufficient validation or escaping of user-supplied input could allow an attacker to inject and execu...

5.4CVSS5.9AI score0.00468EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/10/30 12:0 a.m.5 views

PT-2025-44555

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2024R1 Description The software is susceptible to cross-site scripting XSS through the Graph Explorer component. Insufficient validation or escaping of user-supplied input could allow an attacker to inject and execu...

5.4CVSS5.9AI score0.00535EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2012-6575

Malware in sbrugna...

8.6CVSS6.4AI score0.02512EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/08/07 8:31 p.m.10 views

CVE-2012-10029

Nagios XI Network Monitor prior to Graph Explorer component version 1.3 contains a command injection vulnerability in visApi.php. An authenticated user can inject system commands via unsanitized parameters such as host, resulting in remote code execution...

8.6CVSS7.4AI score0.02512EPSS
Exploits0References1
NVD
NVD
added 2025/08/05 8:15 p.m.7 views

CVE-2012-10029

Nagios XI Network Monitor prior to Graph Explorer component version 1.3 contains a command injection vulnerability in visApi.php. An authenticated user can inject system commands via unsanitized parameters such as host, resulting in remote code execution...

8.6CVSS0.02512EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/08/05 8:3 p.m.12 views

CVE-2012-10029 Nagios XI Network Monitor Graph Explorer Component < 1.3 Authenticated Command Injection

Nagios XI Network Monitor prior to Graph Explorer component version 1.3 contains a command injection vulnerability in visApi.php. An authenticated user can inject system commands via unsanitized parameters such as host, resulting in remote code execution...

8.6CVSS0.02512EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/08/05 8:3 p.m.5 views

CVE-2012-10029 Nagios XI Network Monitor Graph Explorer Component < 1.3 Authenticated Command Injection

Nagios XI Network Monitor prior to Graph Explorer component version 1.3 contains a command injection vulnerability in visApi.php. An authenticated user can inject system commands via unsanitized parameters such as host, resulting in remote code execution...

8.6CVSS7.6AI score0.02512EPSS
Exploits0References5
CVE
CVE
added 2025/08/05 8:3 p.m.21 views

CVE-2012-10029

Nagios XI Network Monitor with Graph Explorer component prior to version 1.3 is affected by an authenticated command-injection in visApi.php. The issue arises from unsanitized parameters (e.g., host), enabling remote code execution. Affected software/component: Nagios XI (Graph Explorer)

8.6CVSS7.8AI score0.02512EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2025/08/05 8:3 p.m.5 views

CVE-2012-10029

Nagios XI Network Monitor prior to Graph Explorer component version 1.3 contains a command injection vulnerability in visApi.php. An authenticated user can inject system commands via unsanitized parameters such as host, resulting in remote code execution...

8.6CVSS6.1AI score0.02512EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 3:15 p.m.15 views

CVE-2020-15902

Graph Explorer in Nagios XI before 5.7.2 allows XSS via the link url option...

6.1CVSS5.8AI score0.35135EPSS
Exploits0
CNVD
CNVD
added 2020/07/23 12:0 a.m.3 views

Nagios XI Cross-Site Scripting Vulnerability (CNVD-2020-41877)

Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting and rich data visualization. A cross-site scripting vulnerability exists in Graph Explorer in Nagios XI versions prior to 5.7.2. An attacker can exploit this...

6.1CVSS6.2AI score0.35135EPSS
Exploits0References1
OSV
OSV
added 2020/07/22 10:15 p.m.6 views

CVE-2020-15902

Graph Explorer in Nagios XI before 5.7.2 allows XSS via the link url option...

6.1CVSS6.4AI score0.35135EPSS
Exploits0References3
NVD
NVD
added 2020/07/22 10:15 p.m.24 views

CVE-2020-15902

Graph Explorer in Nagios XI before 5.7.2 allows XSS via the link url option...

6.1CVSS6AI score0.35135EPSS
Exploits0References3
Prion
Prion
added 2020/07/22 10:15 p.m.15 views

Design/Logic Flaw

Graph Explorer in Nagios XI before 5.7.2 allows XSS via the link url option...

4.3CVSS5.9AI score0.35135EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2020/07/22 9:28 p.m.31 views

CVE-2020-15902

Graph Explorer in Nagios XI before 5.7.2 allows XSS via the link url option...

6AI score0.35135EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2020/07/22 12:0 a.m.7 views

PT-2020-14700 · Nagios · Nagios Xi

Name of the Vulnerable Software and Affected Versions: Nagios XI versions prior to 5.7.2 Description: The issue allows for XSS via the link url option in the Graph Explorer component. This could potentially lead to malicious script execution. Recommendations: For versions prior to 5.7.2, update t...

6.1CVSS5.9AI score0.35135EPSS
Exploits0References5
Rows per page
Query Builder