Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios log server vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-35479
Nagios Log Server prior to 2.1.9 contains Stored XSS in the custom column view for the alert history and audit log function through the affected pp parameter. This affects users who open a crafted link or third-party web page.
Nagios Log Server
5.4
CVSSv3
CVE-2021-35478
Nagios Log Server prior to 2.1.9 contains Reflected XSS in the dropdown box for the alert history and audit log function. All parameters used for filtering are affected. This affects users who open a crafted link or third-party web page.
Nagios Log Server
6.1
CVSSv3
CVE-2020-25385
Nagios Log Server 2.1.7 contains a cross-site scripting (XSS) vulnerability in /nagioslogserver/configure/create_snapshot through the snapshot_name parameter, which may impact users who open a maliciously crafted link or third-party web page.
Nagios Log Server
1 Github repository
NA
CVE-2020-161571
Nagios Log Server version 2.1.6 suffers from a persistent cross site scripting vulnerability.
5.4
CVSSv3
CVE-2020-16157
A Stored XSS vulnerability exists in Nagios Log Server prior to 2.1.7 via the Notification Methods -> Email Users menu.
Nagios Log Server
8.8
CVSSv3
CVE-2020-6585
Nagios Log Server 2.1.3 has CSRF.
Nagios Nagios 2.1.3
5.4
CVSSv3
CVE-2020-6586
Nagios Log Server 2.1.3 allows XSS by visiting /profile and entering a crafted name field that is mishandled on the /admin/users page. Any malicious user with limited access can store an XSS payload in his Name. When any admin views this, the XSS is triggered.
Nagios Nagios 2.1.3
6.5
CVSSv3
CVE-2020-6584
Nagios Log Server 2.1.3 has Incorrect Access Control.
Nagios Nagios 2.1.3
6.1
CVSSv3
CVE-2019-15898
Nagios Log Server prior to 2.0.8 allows Reflected XSS via the username on the Login page.
Nagios Log Server
NA
CVE-2008-4796
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and previous versions, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote malicious users to execute arbitrary commands vi...
Snoopy Project Snoopy
Debian Debian Linux 4.0
Debian Debian Linux 5.0
Nagios Nagios
Wordpress Wordpress
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started