4 matches found
Artica Pandora FMS Cross-Site Scripting Vulnerability (CNVD-2018-14363)
Artica Pandora FMS Flexible Monitoring System is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. A cross-site scripting vulnerability exists in Artica Pandora FMS versions prior to 7.0 NG 723....
CVE-2018-11223
XSS in Artica Pandora FMS before 7.0 NG 723 allows an attacker to execute arbitrary code via a crafted "refr" parameter in a "/pandoraconsole/index.php?sec=estado&sec2=operation/agentes/estadoagente&refr=" call...
CVE-2014-8629
CVE-2014-8629 affects Pandora FMS up to version 5.1 SP1, specifically the Page visualization agents. The vulnerability is an XSS flaw in the index.php endpoint where the refr parameter is returned to users without proper validation, enabling remote attackers to inject arbitrary web script or HTML...
CVE-2014-8629
Cross-site scripting XSS vulnerability in the Page visualization agents in Pandora FMS 5.1 SP1 and earlier allows remote attackers to inject arbitrary web script or HTML via the refr parameter to index.php...