Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pandorafms pandora fms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-26310
Pandora FMS v7.0NG.760 and below allows an improper authorization in User Management where any authenticated user with access to the User Management module could create, modify or delete any user with full admin privilege. The impact could lead to a vertical privilege escalation ...
Pandorafms Pandora Fms
NA
CVE-2023-0828
Cross-site Scripting (XSS) vulnerability in Syslog Section of Pandora FMS allows malicious user to cause that users cookie value will be transferred to the attackers users server. This issue affects Pandora FMS v767 version and prior versions on all platforms.
Pandorafms Pandora Fms
NA
CVE-2022-1648
Pandora FMS v7.0NG.760 and below allows a relative path traversal in File Manager where a privileged user could upload a .php file outside the intended images directory which is restricted to execute the .php file. The impact could lead to a Remote Code Execution with running app...
Pandorafms Pandora Fms
3.5
CVSSv2
CVE-2018-11223
XSS in Artica Pandora FMS prior to 7.0 NG 723 allows an malicious user to execute arbitrary code via a crafted "refr" parameter in a "/pandora_console/index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=" call.
Pandorafms Artica Pandora Fms
5
CVSSv2
CVE-2020-13850
Artica Pandora FMS 7.44 has inadequate access controls on a web folder.
Pandorafms Pandora Fms 7.44
9
CVSSv2
CVE-2020-13852
Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remote command execution) via the File Manager feature.
Pandorafms Pandora Fms 7.44
3.5
CVSSv2
CVE-2020-13853
Artica Pandora FMS 7.44 has persistent XSS in the Messages feature.
Pandorafms Pandora Fms 7.44
9
CVSSv2
CVE-2020-13855
Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remote command execution) via the File Repository Manager feature.
Pandorafms Pandora Fms 7.44
3.5
CVSSv2
CVE-2019-19968
PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. An authenticated user can inject dangerous content into a data store that is later read and included in dynamic content.
Pandorafms Pandora Fms 742
9
CVSSv2
CVE-2020-13851
Artica Pandora FMS 7.44 allows remote command execution via the events feature.
Pandorafms Pandora Fms 7.44
1 Metasploit module
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »