Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xymon xymon 4.1.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-1716
Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in Xymon prior to 4.3.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Xymon Xymon 4.3.0
Xymon Xymon 4.1.2
Xymon Xymon 4.1.1
Xymon Xymon 4.1.0
Xymon Xymon
Xymon Xymon 4.0
Xymon Xymon 4.2.2
Xymon Xymon 4.2.0
Xymon Xymon 4.0.2
Xymon Xymon 4.0.1
Xymon Xymon 4.2.3
Xymon Xymon 4.0.4
Xymon Xymon 4.0.3
NA
CVE-2013-4173
Directory traversal vulnerability in the trend-data daemon (xymond_rrd) in Xymon 4.x prior to 4.3.12 allows remote malicious users to delete arbitrary files via a .. (dot dot) in the host name in a "drophost" command.
Xymon Xymon 4.3.0
Xymon Xymon 4.2.2
Xymon Xymon 4.0.2
Xymon Xymon 4.0
Xymon Xymon 4.1.2
Xymon Xymon 4.1.1
Xymon Xymon 4.1.0
Xymon Xymon 4.0.4
Xymon Xymon
Xymon Xymon 4.2.3
Xymon Xymon 4.2.0
Xymon Xymon 4.0.3
Xymon Xymon 4.0.1
9.8
CVSSv3
CVE-2016-2054
Multiple buffer overflows in xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x prior to 4.3.25 allow remote malicious users to execute arbitrary code or cause a denial of service (daemon crash) via a long filename, involving handling a "config" command.
Debian Debian Linux 8.0
Xymon Xymon 4.3.3
Xymon Xymon 4.3.24
Xymon Xymon 4.3.19
Xymon Xymon 4.3.18
Xymon Xymon 4.3.11
Xymon Xymon 4.3.10
Xymon Xymon 4.2.3
Xymon Xymon 4.2.2
Xymon Xymon 4.1.2
Xymon Xymon 4.3.8
Xymon Xymon 4.3.7
Xymon Xymon 4.3.6
Xymon Xymon 4.3.21
Xymon Xymon 4.3.20
Xymon Xymon 4.3.15
Xymon Xymon 4.3.14
Xymon Xymon 4.3.0
Xymon Xymon 4.2
Xymon Xymon 4.3.5
Xymon Xymon 4.3.4
Xymon Xymon 4.3.2
7.5
CVSSv3
CVE-2016-2055
xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x prior to 4.3.25 allow remote malicious users to read arbitrary files in the configuration directory via a "config" command.
Xymon Xymon 4.3.9
Xymon Xymon 4.3.8
Xymon Xymon 4.3.23
Xymon Xymon 4.3.22
Xymon Xymon 4.3.17
Xymon Xymon 4.3.16
Xymon Xymon 4.3.0
Xymon Xymon 4.2.2
Xymon Xymon 4.2.0
Xymon Xymon 4.1.1
Xymon Xymon 4.1.0
Xymon Xymon 4.3.5
Xymon Xymon 4.3.4
Xymon Xymon 4.3.2
Xymon Xymon 4.3.19
Xymon Xymon 4.3.13
Xymon Xymon 4.3.12
Xymon Xymon 4.2.3
Xymon Xymon 4.2
Xymon Xymon 4.1.2
Xymon Xymon 4.3.3
Xymon Xymon 4.3.24
1 Metasploit module
8.8
CVSSv3
CVE-2016-2056
xymond in Xymon 4.1.x, 4.2.x, and 4.3.x prior to 4.3.25 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the adduser_name argument in (1) web/useradm.c or (2) web/chpasswd.c.
Xymon Xymon 4.3.5
Xymon Xymon 4.3.4
Xymon Xymon 4.3.2
Xymon Xymon 4.3.19
Xymon Xymon 4.3.13
Xymon Xymon 4.3.12
Xymon Xymon 4.3.0
Xymon Xymon 4.2.3
Xymon Xymon 4.2
Xymon Xymon 4.1.2
Xymon Xymon 4.3.9
Xymon Xymon 4.3.8
Xymon Xymon 4.3.23
Xymon Xymon 4.3.22
Xymon Xymon 4.3.17
Xymon Xymon 4.3.16
Xymon Xymon 4.2.2
Xymon Xymon 4.2.0
Xymon Xymon 4.1.1
Xymon Xymon 4.1.0
Xymon Xymon 4.3.7
Xymon Xymon 4.3.6
1 EDB exploit
3.3
CVSSv3
CVE-2016-2057
lib/xymond_ipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x prior to 4.3.25 use weak permissions (666) for an unspecified IPC message queue, which allows local users to inject arbitrary messages by writing to that queue.
Xymon Xymon 4.3.24
Xymon Xymon 4.3.23
Xymon Xymon 4.3.17
Xymon Xymon 4.3.16
Xymon Xymon 4.3.9
Xymon Xymon 4.3.8
Xymon Xymon 4.3.0
Xymon Xymon 4.2.2
Xymon Xymon 4.1.2
Xymon Xymon 4.1.1
Xymon Xymon 4.1.0
Xymon Xymon 4.3.22
Xymon Xymon 4.3.21
Xymon Xymon 4.3.15
Xymon Xymon 4.3.14
Xymon Xymon 4.3.7
Xymon Xymon 4.3.6
Xymon Xymon 4.2.0
Xymon Xymon 4.2
Xymon Xymon 4.3.19
Xymon Xymon 4.3.18
Xymon Xymon 4.3.11
5.4
CVSSv3
CVE-2016-2058
Multiple cross-site scripting (XSS) vulnerabilities in Xymon 4.1.x, 4.2.x, and 4.3.x prior to 4.3.25 allow (1) remote Xymon clients to inject arbitrary web script or HTML via a status-message, which is not properly handled in the "detailed status" page, or (2) remote au...
Debian Debian Linux 8.0
Xymon Xymon 4.3.7
Xymon Xymon 4.3.6
Xymon Xymon 4.3.5
Xymon Xymon 4.3.4
Xymon Xymon 4.3.2
Xymon Xymon 4.3.19
Xymon Xymon 4.3.12
Xymon Xymon 4.3.11
Xymon Xymon 4.3.0
Xymon Xymon 4.2.3
Xymon Xymon 4.2
Xymon Xymon 4.1.2
Xymon Xymon 4.3.9
Xymon Xymon 4.3.8
Xymon Xymon 4.3.23
Xymon Xymon 4.3.22
Xymon Xymon 4.3.17
Xymon Xymon 4.3.16
Xymon Xymon 4.2.2
Xymon Xymon 4.2.0
Xymon Xymon 4.1.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started