Lucene search
K

7 matches found

OSV
OSV
added 2024/06/10 3:15 p.m.4 views

CVE-2024-35306

OS Command injection in Ajax PHP files via HTTP Request, allows to execute system commands by exploiting variables. This issue affects Pandora FMS: from 700 through 777...

9.8CVSS7.9AI score
Exploits0References1
OSV
OSV
added 2024/03/19 5:15 p.m.2 views

CVE-2023-44091

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Pandora FMS on all allows SQL Injection. This ulnerability allowed SQL injections to be made even if authentication failed.This issue affects Pandora FMS: from 700 through 776...

9.8CVSS5.8AI score0.00452EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/11/23 12:0 a.m.5 views

PT-2023-28109 · Unknown · Pandora Fms

Name of the Vulnerable Software and Affected Versions: Pandora FMS versions 700 through 773 Description: The issue allows unrestricted upload of files with dangerous types, specifically PHP executable files, through the file manager. This is due to accessing functionality not properly constrained...

8.8CVSS8.7AI score0.00573EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/11/23 12:0 a.m.5 views

PT-2023-28093 · Unknown · Pandora Fms

Name of the Vulnerable Software and Affected Versions: Pandora FMS versions 700 through 773 Description: The issue is related to an Uncontrolled Search Path Element vulnerability, which allows for Leveraging/Manipulating Configuration File Search Paths. This vulnerability enables access to the...

9.8CVSS9AI score0.00573EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/11/23 12:0 a.m.4 views

Artica Pandora FMS Cross-Site Scripting Vulnerability

Artica Pandora FMS is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. A cross-site scripting vulnerability exists in Artica Pandora FMS versions 700 through 773, which arises from improperly...

7.6CVSS6.1AI score0.00457EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/11/23 12:0 a.m.9 views

PT-2023-28091 · Unknown · Pandora Fms

Name of the Vulnerable Software and Affected Versions: Pandora FMS versions 700 through 773 Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting XSS. This allows an attacker to perform cookie hijacking and log in as a...

7.6CVSS6.1AI score0.00457EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2020/09/09 12:0 a.m.6 views

PT-2020-19098 · Sap · Sap Netweaver As Abap

Name of the Vulnerable Software and Affected Versions: SAP Netweaver AS ABAP versions 700 through 755 Description: The issue allows an unauthenticated attacker to send a polluted URL to the victim. When the victim clicks on this URL, the attacker can read and modify the information available in t...

6.1CVSS6AI score0.00895EPSS
Exploits0References4
Rows per page
Query Builder