Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios nagios xi vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-20172
An issue exists in Nagios XI prior to 5.5.8. The rss_url parameter of rss_dashlet/magpierss/scripts/magpie_slashbox.php is not filtered, resulting in an XSS vulnerability.
Nagios Nagios Xi
6.5
CVSSv3
CVE-2022-29269
In Nagios XI up to and including 5.8.5, in the schedule report function, an authenticated attacker is able to inject HTML tags that lead to the reformatting/editing of emails from an official email address.
Nagios Nagios Xi
6.5
CVSSv3
CVE-2022-29271
In Nagios XI up to and including 5.8.5, a read-only Nagios user (due to an incorrect permission check) is able to schedule downtime for any host/services. This allows an malicious user to permanently disable all monitoring checks.
Nagios Nagios Xi
6.1
CVSSv3
CVE-2022-29272
In Nagios XI up to and including 5.8.5, an open redirect vulnerability exists in the login function that could lead to spoofing.
Nagios Nagios Xi
9.8
CVSSv3
CVE-2021-36363
Nagios XI prior to 5.8.5 has Incorrect Permission Assignment for migrate.php.
Nagios Nagios Xi
9.8
CVSSv3
CVE-2021-36364
Nagios XI prior to 5.8.5 incorrectly allows backup_xi.sh wildcards.
Nagios Nagios Xi
9.8
CVSSv3
CVE-2021-36365
Nagios XI prior to 5.8.5 has Incorrect Permission Assignment for repairmysql.sh.
Nagios Nagios Xi
6.1
CVSSv3
CVE-2020-15902
Graph Explorer in Nagios XI prior to 5.7.2 allows XSS via the link url option.
Nagios Nagios Xi
9.8
CVSSv3
CVE-2020-15903
An issue was found in Nagios XI prior to 5.7.3. There is a privilege escalation vulnerability in backend scripts that ran as root where some included files were editable by nagios user. This issue was fixed in version 5.7.3.
Nagios Nagios Xi
5.4
CVSSv3
CVE-2021-38156
In Nagios XI prior to 5.8.6, XSS exists in the dashboard page (/dashboards/#) when administrative users attempt to edit a dashboard.
Nagios Nagios Xi
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »