Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
icinga icinga web 2 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-18248
Icinga Web 2 has XSS via the /icingaweb2/monitoring/list/services dir parameter, the /icingaweb2/user/list query string, the /icingaweb2/monitoring/timeline query string, or the /icingaweb2/setup query string.
Icinga Icinga Web 2 2.6.1
7.5
CVSSv2
CVE-2018-18249
Icinga Web 2 prior to 2.6.2 allows injection of PHP ini-file directives via vectors involving environment variables as the channel to send information to the attacker, such as a name=${PATH}_${APACHE_RUN_DIR}_${APACHE_RUN_USER} parameter to /icingaweb2/navigation/add or /icingawe...
Icinga Icinga Web 2
5
CVSSv2
CVE-2018-18250
Icinga Web 2 prior to 2.6.2 allows parameters that break navigation dashlets, as demonstrated by a single '$' character as the Name of a Navigation item.
Icinga Icinga Web 2
5
CVSSv2
CVE-2014-1878
Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and previous versions, and Icinga prior to 1.8.6, 1.9 prior to 1.9.5, and 1.10 prior to 1.10.3 allows remote malicious users to cause a denial of service (segmentation fault) vi...
Nagios Nagios
Icinga Icinga 1.10.0
Icinga Icinga 1.8.0
Icinga Icinga 1.8.1
Nagios Nagios 4.0.0
Icinga Icinga 1.9.2
Icinga Icinga 1.9.3
Icinga Icinga 1.9.4
Icinga Icinga 1.9.0
Icinga Icinga 1.9.1
Icinga Icinga 1.8.4
Icinga Icinga
Icinga Icinga 1.10.1
Icinga Icinga 1.10.2
Icinga Icinga 1.8.2
Icinga Icinga 1.8.3
Nagios Nagios 4.0.2
5.5
CVSSv2
CVE-2013-7108
Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and previous versions, and Icinga prior to 1.8.5, 1.9 prior to 1.9.4, and 1.10 prior to 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a l...
Nagios Nagios 3.0
Nagios Nagios 3.0.3
Nagios Nagios 3.0.4
Nagios Nagios 3.2.1
Nagios Nagios 3.2.2
Nagios Nagios 3.2.3
Nagios Nagios
Nagios Nagios 3.0.1
Nagios Nagios 3.0.2
Nagios Nagios 3.1.2
Nagios Nagios 3.2.0
Nagios Nagios 3.4.3
Nagios Nagios 3.5.1
Nagios Nagios 3.1.0
Nagios Nagios 3.1.1
Nagios Nagios 3.4.1
Nagios Nagios 3.4.2
Nagios Nagios 3.0.5
Nagios Nagios 3.0.6
Nagios Nagios 3.3.1
Nagios Nagios 3.4.0
Icinga Icinga 1.9.0
1 EDB exploit
6.4
CVSSv2
CVE-2013-7205
Off-by-one error in the process_cgivars function in contrib/daemonchk.c in Nagios Core 3.5.1, 4.0.2, and previous versions allows remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key ...
Nagios Nagios 3.0
Nagios Nagios 3.0.3
Nagios Nagios 3.0.4
Nagios Nagios 3.2.2
Nagios Nagios 3.2.3
Nagios Nagios 3.0.5
Nagios Nagios 3.0.6
Nagios Nagios 3.3.1
Nagios Nagios 3.4.0
Nagios Nagios
Nagios Nagios 3.0.1
Nagios Nagios 3.0.2
Nagios Nagios 3.2.0
Nagios Nagios 3.2.1
Nagios Nagios 3.4.3
Nagios Nagios 3.5.1
Nagios Nagios 3.1.0
Nagios Nagios 3.1.1
Nagios Nagios 3.1.2
Nagios Nagios 3.4.1
Nagios Nagios 3.4.2
4.3
CVSSv2
CVE-2011-2179
Multiple cross-site scripting (XSS) vulnerabilities in config.c in config.cgi in (1) Nagios 3.2.3 and (2) Icinga prior to 1.4.1 allow remote malicious users to inject arbitrary web script or HTML via the expand parameter, as demonstrated by an (a) command action or a (b) hosts ac...
Icinga Icinga 1.3.1
Icinga Icinga 1.0.2
Icinga Icinga 0.8.1
Icinga Icinga 0.8.0
Icinga Icinga
Icinga Icinga 1.3.0
Icinga Icinga 1.0.1
Icinga Icinga 1.0
Nagios Nagios 3.2.3
Icinga Icinga 0.8.4
Icinga Icinga 1.0.3
Icinga Icinga 1.2.0
Icinga Icinga 1.2.1
Icinga Icinga 0.8.3
Icinga Icinga 0.8.2
1 EDB exploit
10
CVSSv2
CVE-2008-4796
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and previous versions, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote malicious users to execute arbitrary commands vi...
Snoopy Project Snoopy
Debian Debian Linux 4.0
Debian Debian Linux 5.0
Nagios Nagios
Wordpress Wordpress
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2