Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-50139

Malicious code in bioql PyPI...

7.6CVSS6.2AI score0.00234EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-47372

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stored cross-site scripting vulnerability in the Create event section in Pandora FMS Console v766 and lower. An attacker typically exploits this vulnerability b...

7.6CVSS5.3AI score0.00234EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/11/23 2:22 p.m.11 views

CVE-2023-4677 Unauthenticated Admin Account Takeover Via Cron Log File Backups

Cron log backup files contain administrator session IDs. It is trivial for any attacker who can reach the Pandora FMS Console to scrape the cron logs directory for cron log backups. The contents of these log files can then be abused to authenticate to the application as an administrator. This iss...

7CVSS6.9AI score0.00493EPSS
Exploits0References1
OSV
OSV
added 2023/02/15 4:15 a.m.3 views

CVE-2022-47373

Reflected Cross Site Scripting in Search Functionality of Module Library in Pandora FMS Console v766 and lower. This vulnerability arises on the forget password functionality in which parameter username does not proper input validation/sanitization thus results in executing malicious JavaScript...

6.1CVSS5.8AI score0.00338EPSS
Exploits0References2
OSV
OSV
added 2023/02/15 4:15 a.m.3 views

CVE-2022-47372

Stored cross-site scripting vulnerability in the Create event section in Pandora FMS Console v766 and lower. An attacker typically exploits this vulnerability by injecting XSS payloads on popular pages of a site or passing a link to a victim, tricking them into viewing the page that contains the...

5.4CVSS5.6AI score0.00234EPSS
Exploits0References2
OSV
OSV
added 2023/02/15 4:15 a.m.2 views

UBUNTU-CVE-2022-47373

Reflected Cross Site Scripting in Search Functionality of Module Library in Pandora FMS Console v766 and lower. This vulnerability arises on the forget password functionality in which parameter username does not proper input validation/sanitization thus results in executing malicious JavaScript...

6.4CVSS5.8AI score0.00338EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/02/15 12:0 a.m.5 views

CVE-2022-47372 Stored cross-site scripting vulnerability in create event section

Stored cross-site scripting vulnerability in the Create event section in Pandora FMS Console v766 and lower. An attacker typically exploits this vulnerability by injecting XSS payloads on popular pages of a site or passing a link to a victim, tricking them into viewing the page that contains the...

7.6CVSS5.2AI score0.00234EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/15 12:0 a.m.34 views

CVE-2022-47373 Reflected Cross Site Scripting in Search Functionality of Module Library

Reflected Cross Site Scripting in Search Functionality of Module Library in Pandora FMS Console v766 and lower. This vulnerability arises on the forget password functionality in which parameter username does not proper input validation/sanitization thus results in executing malicious JavaScript...

6.4CVSS6.5AI score0.00338EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/02/15 12:0 a.m.5 views

CVE-2022-47373 Reflected Cross Site Scripting in Search Functionality of Module Library

Reflected Cross Site Scripting in Search Functionality of Module Library in Pandora FMS Console v766 and lower. This vulnerability arises on the forget password functionality in which parameter username does not proper input validation/sanitization thus results in executing malicious JavaScript...

6.4CVSS6.5AI score0.00338EPSS
Exploits0References2
CVE
CVE
added 2023/02/15 12:0 a.m.56 views

CVE-2022-47373

CVE-2022-47373 affects Pandora FMS Console. The issue is a Reflected Cross-Site Scripting in the Module Library search functionality, triggered by the forget password flow where the username parameter lacks proper input validation/sanitization , enabling execution of malicious JavaScript payloads...

6.4CVSS6.2AI score0.00338EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/02/15 12:0 a.m.4 views

Pandora FMS Console 跨站脚本漏洞

Artica Pandora FMS is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way.Pandora is an analytics framework used to find out if a file is suspicious or not and display the results easily. A securit...

6.4CVSS6.4AI score0.00338EPSS
Exploits0References3
CVE
CVE
added 2023/02/15 12:0 a.m.60 views

CVE-2022-47372

Pandora FMS Console versions v766 and lower expose a stored cross‑site scripting (XSS) vulnerability in the Create event section. An attacker can inject XSS payloads on pages or supply a link that, when viewed by a user, executes script in the victim’s browser. The reports consistently identify P...

7.6CVSS5.3AI score0.00234EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder