Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
artica pandora fms vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2020-8500
In Artica Pandora FMS 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the Updater or Extension component. NOTE: The vendor reports that this is intended functionality
Artica Pandora Fms 7.42
9.8
CVSSv3
CVE-2020-13854
Artica Pandora FMS 7.44 allows privilege escalation.
Pandorafms Pandora Fms 7.44
5.4
CVSSv3
CVE-2020-13853
Artica Pandora FMS 7.44 has persistent XSS in the Messages feature.
Pandorafms Pandora Fms 7.44
7.5
CVSSv3
CVE-2020-13850
Artica Pandora FMS 7.44 has inadequate access controls on a web folder.
Pandorafms Pandora Fms 7.44
7.2
CVSSv3
CVE-2020-13852
Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remote command execution) via the File Manager feature.
Pandorafms Pandora Fms 7.44
7.2
CVSSv3
CVE-2020-13855
Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remote command execution) via the File Repository Manager feature.
Pandorafms Pandora Fms 7.44
7.8
CVSSv3
CVE-2019-13035
Artica Pandora FMS 7.0 NG prior to 735 suffers from local privilege escalation due to improper permissions on C:\PandoraFMS and its sub-folders, allowing standard users to create new files. Moreover, the Apache service httpd.exe will try to execute cmd.exe from C:\PandoraFMS (the...
Pandorafms Pandora Fms
4.8
CVSSv3
CVE-2022-45437
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Artica PFMS Pandora FMS v765 on all allows Cross-Site Scripting (XSS). A user with edition privileges can create a Payload in the reporting dashboard module. An admin u...
Pandorafms Pandora Fms 765
4.8
CVSSv3
CVE-2022-45436
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Artica PFMS Pandora FMS v765 on all platforms, allows Cross-Site Scripting (XSS). As a manager privilege user , create a network map containing name as xss payload. Onc...
Pandorafms Pandora Fms 765
1 Github repository
8.8
CVSSv3
CVE-2020-13851
Artica Pandora FMS 7.44 allows remote command execution via the events feature.
Pandorafms Pandora Fms 7.44
1 Metasploit module
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »