6 matches found
CVE-2026-30810
Server-Side Request Forgery vulnerability allows Privilege Escalation via API Checker extension. This issue affects Pandora FMS: from 777 through 800...
CVE-2026-30810 Server-Side Request Forgery in API Checker leads to Privilege Escalation
Server-Side Request Forgery vulnerability allows Privilege Escalation via API Checker extension. This issue affects Pandora FMS: from 777 through 800...
CVE-2026-30807
CVE-2026-30807 is a Cross-Site Request Forgery in Pandora FMS extension/pages for versions 777–800. The flaw allows an attacker to cause unauthorized actions through a crafted page without user interaction beyond visiting the page; CVSSv4 vector indicates NETWORK attack vector, LOW access complex...
CVE-2026-30809
Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via WebServerModuleDebug. This issue affects Pandora FMS: from 777 through 800...
CVE-2026-30804
Unrestricted Upload of File with Dangerous Type vulnerability allows Remote Code Execution via file upload. This issue affects Pandora FMS: from 777 through 800...
CVE-2025-5306 Command Injection in Netflow path
Improper Neutralization of Special Elements in the Netflow directory field may allow OS command injection. This issue affects Pandora FMS 774 through 778...