Lucene search
K
FibranetMonitorix

4 matches found

CVE
CVE
added 2019/12/31 7:57 p.m.78 views

CVE-2013-7070

CVE-2013-7070 affects Monitorix prior to version 3.3.1. The handle_request function in lib/HTTPServer.pm allows remote attackers to execute arbitrary commands via shell metacharacters in the URI. Documented impact is remote code execution with high confidentiality, integrity, and availability imp...

10CVSS9.6AI score0.0409EPSS
CVE
CVE
added 2021/01/27 6:56 p.m.59 views

CVE-2021-3325

Monitorix 3.13.0 is vulnerable to bypassing Basic Authentication in default installations lacking hosts_deny configuration due to a newly introduced access-control feature not accounting for existing setups. This is evidenced across multiple sources (NVD/NV OSV/ Fedora advisories) and is addresse...

9.8CVSS9.3AI score0.0223EPSS
CVE
CVE
added 2019/12/31 7:57 p.m.55 views

CVE-2013-7071

CVE-2013-7071 affects Monitorix prior to 3.4.0. The vulnerability is a Cross-site Scripting (XSS) in the handle_request function of lib/HTTPServer.pm, exploitable via PATH_INFO to inject arbitrary web scripts or HTML. Remediation in the connected data shows Fedora/monitorix updates (e.g., monitor...

6.1CVSS6.8AI score0.01106EPSS
CVE
CVE
added 2018/08/02 5:0 p.m.42 views

CVE-2018-7649

CVE-2018-7649 affects Monitorix prior to 3.10.1 and enables cross-site scripting via CGI variables. The vulnerability allows an attacker to inject arbitrary web script or HTML in the affected web interface. The public documents consistently describe the issue as an XSS in Monitorix before version...

6.1CVSS5.9AI score0.00647EPSS