Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios nagios xi vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2020-5790
Cross-site request forgery in Nagios XI 5.7.3 allows a remote malicious user to perform sensitive application actions by tricking legitimate users into clicking a crafted link.
Nagios Nagios Xi 5.7.3
7.2
CVSSv3
CVE-2020-22427
NagiosXI 5.6.11 is affected by a remote code execution (RCE) vulnerability. An authenticated nagiosadmin user can inject additional commands into a request. NOTE: the vendor disputes whether the CVE and its references are actionable because all technical details are omitted, and ...
Nagios Nagios Xi 5.6.11
4.8
CVSSv3
CVE-2020-10819
Nagios XI 5.6.11 allows XSS via the includes/components/ldap_ad_integration/ username parameter.
Nagios Nagios Xi 5.6.11
4.8
CVSSv3
CVE-2020-10820
Nagios XI 5.6.11 allows XSS via the includes/components/ldap_ad_integration/ password parameter.
Nagios Nagios Xi 5.6.11
4.8
CVSSv3
CVE-2022-38247
Nagios XI v5.8.6 exists to contain a cross-site scripting (XSS) vulnerability via the System Settings page under the Admin panel.
Nagios Nagios Xi 5.8.6
6.1
CVSSv3
CVE-2022-38249
Nagios XI v5.8.6 exists to contain a cross-site scripting (XSS) vulnerability via the MTR component in version 1.0.4.
Nagios Nagios Xi 5.8.6
9.8
CVSSv3
CVE-2022-38250
Nagios XI v5.8.6 exists to contain a SQL injection vulnerability via the mib_name parameter at the Manage MIBs page.
Nagios Nagios Xi 5.8.6
4.8
CVSSv3
CVE-2022-38251
Nagios XI v5.8.6 exists to contain a cross-site scripting (XSS) vulnerability via the System Performance Settings page under the Admin panel.
Nagios Nagios Xi 5.8.6
8.8
CVSSv3
CVE-2018-15709
Nagios XI 5.5.6 allows remote authenticated malicious users to execute arbitrary commands via a crafted HTTP request.
Nagios Nagios Xi 5.5.6
8.8
CVSSv3
CVE-2018-15711
Nagios XI 5.5.6 allows remote authenticated malicious users to reset and regenerate the API key of more privileged users. The attacker can then use the new API key to execute API calls at elevated privileges.
Nagios Nagios Xi 5.5.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »