Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
artica pandora fms 7.0 ng vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2020-5844
index.php?sec=godmode/extensions&sec2=extensions/files_repo in Pandora FMS v7.0 NG allows authenticated administrators to upload malicious PHP scripts, and execute them via base64 decoding of the file location. This affects v7.0NG.742_FIX_PERL2020.
Artica Pandora Fms 7.0 Ng
3 Github repositories
9
CVSSv2
CVE-2019-20224
netflow_get_stats in functions_netflow.php in Pandora FMS 7.0NG allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ip_src parameter in an index.php?operation/netflow/nf_live_view request. This issue has been fixed in Pandora FMS 7.0...
Artica Pandora Fms 7.0 Ng
1 Github repository
3.5
CVSSv2
CVE-2018-11223
XSS in Artica Pandora FMS prior to 7.0 NG 723 allows an malicious user to execute arbitrary code via a crafted "refr" parameter in a "/pandora_console/index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=" call.
Pandorafms Artica Pandora Fms
9
CVSSv2
CVE-2020-13851
Artica Pandora FMS 7.44 allows remote command execution via the events feature.
Pandorafms Pandora Fms 7.44
1 Metasploit module
1 Github repository
7.2
CVSSv2
CVE-2019-13035
Artica Pandora FMS 7.0 NG prior to 735 suffers from local privilege escalation due to improper permissions on C:\PandoraFMS and its sub-folders, allowing standard users to create new files. Moreover, the Apache service httpd.exe will try to execute cmd.exe from C:\PandoraFMS (the...
Pandorafms Pandora Fms
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started