Pandora Fms@773 Security Vulnerabilities and Issues — Pandora Fms@773 CVE List

Lucene search

ArticaPandora Fms773

9 matches found

CVE•added 2023/11/23 3:15 p.m.•42 views

CVE-2023-41811

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allowed Javascript code to be executed in the news section of the web console. This issue affects Pandora FMS: from 700 thro...

6.1CVSS5.7AI score0.00044EPSS

CVE•added 2023/11/23 3:15 p.m.•41 views

CVE-2023-41808

Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. This vulnerability allows an unauthorised user to escalate and read sensitive files as if they were root. This issue affects Pandora FMS: from 700 through 773.

8.5CVSS7.9AI score0.00095EPSS

CVE•added 2023/11/23 3:15 p.m.•37 views

CVE-2023-41791

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allowed users with low privileges to introduce Javascript executables via a translation string that could affect the integri...

8.4CVSS5.6AI score0.00117EPSS

CVE•added 2023/11/23 3:15 p.m.•37 views

CVE-2023-41810

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allowed Javascript code to be executed in some Widgets' text box. This issue affects Pandora FMS: from 700 through 773.

6.1CVSS5.2AI score0.00044EPSS

CVE•added 2023/11/23 3:15 p.m.•36 views

CVE-2023-41790

Uncontrolled Search Path Element vulnerability in Pandora FMS on all allows Leveraging/Manipulating Configuration File Search Paths. This vulnerability allows to access the server configuration file and to compromise the database. This issue affects Pandora FMS: from 700 through 773.

9.8CVSS8.6AI score0.00145EPSS

CVE•added 2023/11/23 3:15 p.m.•33 views

CVE-2023-41792

Cross-Site Request Forgery (CSRF) vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allowed Javascript code to be executed in the SNMP Trap Editor. This issue affects Pandora FMS: from 700 through 773.

6.1CVSS6AI score0.00041EPSS

CVE•added 2023/11/23 3:15 p.m.•32 views

CVE-2023-41789

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allows an attacker to perform cookie hijacking and log in as that user without the need for credentials. This issue affects ...

7.6CVSS6.1AI score0.00085EPSS

CVE•added 2023/11/23 3:15 p.m.•32 views

CVE-2023-41807

Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. This vulnerability allows a user to escalate permissions on the system shell. This issue affects Pandora FMS: from 700 through 773.

9.1CVSS8.9AI score0.00041EPSS

CVE•added 2023/11/23 3:15 p.m.•30 views

CVE-2023-41806

Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. This vulnerability causes that a bad privilege assignment could cause a DOS attack that affects the availability of the Pandora FMS server. This issue affects Pandora FMS: from 700 through 773.

8.2CVSS7.7AI score0.00072EPSS