Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pandorafms pandora fms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-41815
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Malicious code could be executed in the File Manager section. This issue affects Pandora FMS: from 700 up to and i...
Pandorafms Pandora Fms
NA
CVE-2022-26308
Pandora FMS v7.0NG.760 and below allows an improper access control in Configuration (Credential store) where a user with the role of Operator (Write) could create, delete, view existing keys which are outside the intended role.
Pandorafms Pandora Fms
312
VMScore
CVE-2021-35501
PandoraFMS <=7.54 allows Stored XSS by placing a payload in the name field of a visual console. When a user or an administrator visits the console, the XSS payload will be executed.
Pandorafms Pandora Fms
890
VMScore
CVE-2020-13854
Artica Pandora FMS 7.44 allows privilege escalation.
Pandorafms Pandora Fms 7.44
801
VMScore
CVE-2020-13855
Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remote command execution) via the File Repository Manager feature.
Pandorafms Pandora Fms 7.44
312
VMScore
CVE-2018-11223
XSS in Artica Pandora FMS prior to 7.0 NG 723 allows an malicious user to execute arbitrary code via a crafted "refr" parameter in a "/pandora_console/index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=" call.
Pandorafms Artica Pandora Fms
312
VMScore
CVE-2019-19968
PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. An authenticated user can inject dangerous content into a data store that is later read and included in dynamic content.
Pandorafms Pandora Fms 742
NA
CVE-2022-45437
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Artica PFMS Pandora FMS v765 on all allows Cross-Site Scripting (XSS). A user with edition privileges can create a Payload in the reporting dashboard module. An admin u...
Pandorafms Pandora Fms 765
445
VMScore
CVE-2020-13850
Artica Pandora FMS 7.44 has inadequate access controls on a web folder.
Pandorafms Pandora Fms 7.44
940
VMScore
CVE-2020-13851
Artica Pandora FMS 7.44 allows remote command execution via the events feature.
Pandorafms Pandora Fms 7.44
1 Metasploit module
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »