Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios xi vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-23992
Cross Site Scripting (XSS) in Nagios XI 5.7.1 allows remote malicious users to run arbitrary code via returnUrl parameter in a crafted GET request.
Nagios Nagios Xi 5.7.1
NA
CVE-2022-38247
Nagios XI v5.8.6 exists to contain a cross-site scripting (XSS) vulnerability via the System Settings page under the Admin panel.
Nagios Nagios Xi 5.8.6
NA
CVE-2022-38248
Nagios XI before v5.8.7 exists to contain multiple cross-site scripting (XSS) vulnerabilities at auditlog.php.
Nagios Nagios Xi
NA
CVE-2022-38249
Nagios XI v5.8.6 exists to contain a cross-site scripting (XSS) vulnerability via the MTR component in version 1.0.4.
Nagios Nagios Xi 5.8.6
NA
CVE-2022-38250
Nagios XI v5.8.6 exists to contain a SQL injection vulnerability via the mib_name parameter at the Manage MIBs page.
Nagios Nagios Xi 5.8.6
NA
CVE-2022-38251
Nagios XI v5.8.6 exists to contain a cross-site scripting (XSS) vulnerability via the System Performance Settings page under the Admin panel.
Nagios Nagios Xi 5.8.6
NA
CVE-2022-38254
Nagios XI before v5.8.7 exists to contain a cross-site scripting (XSS) vulnerability via the ajax.php script in CCM 3.1.5.
Nagios Nagios Xi
4
CVSSv2
CVE-2022-29269
In Nagios XI up to and including 5.8.5, in the schedule report function, an authenticated attacker is able to inject HTML tags that lead to the reformatting/editing of emails from an official email address.
Nagios Nagios Xi
4
CVSSv2
CVE-2022-29270
In Nagios XI up to and including 5.8.5, it is possible for a user without password verification to change his e-mail address.
Nagios Nagios Xi
4
CVSSv2
CVE-2022-29271
In Nagios XI up to and including 5.8.5, a read-only Nagios user (due to an incorrect permission check) is able to schedule downtime for any host/services. This allows an malicious user to permanently disable all monitoring checks.
Nagios Nagios Xi
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »