8 matches found
CVE-2020-13851
Artica Pandora FMS 7.44 allows remote command execution via the events feature.
CVE-2020-11749
Pandora FMS 7.0 NG
CVE-2020-13855
Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remote command execution) via the File Repository Manager feature.
CVE-2020-13852
Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remote command execution) via the File Manager feature.
CVE-2020-13853
Artica Pandora FMS 7.44 has persistent XSS in the Messages feature.
CVE-2020-13854
Artica Pandora FMS 7.44 allows privilege escalation.
CVE-2020-13850
Artica Pandora FMS 7.44 has inadequate access controls on a web folder.
CVE-2019-19968
PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. An authenticated user can inject dangerous content into a data store that is later read and included in dynamic content.