Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios log server vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2021-35478
Nagios Log Server prior to 2.1.9 contains Reflected XSS in the dropdown box for the alert history and audit log function. All parameters used for filtering are affected. This affects users who open a crafted link or third-party web page.
Nagios Log Server
312
VMScore
CVE-2021-35479
Nagios Log Server prior to 2.1.9 contains Stored XSS in the custom column view for the alert history and audit log function through the affected pp parameter. This affects users who open a crafted link or third-party web page.
Nagios Log Server
383
VMScore
CVE-2019-15898
Nagios Log Server prior to 2.0.8 allows Reflected XSS via the username on the Login page.
Nagios Log Server
312
VMScore
CVE-2020-16157
A Stored XSS vulnerability exists in Nagios Log Server prior to 2.1.7 via the Notification Methods -> Email Users menu.
Nagios Log Server
383
VMScore
CVE-2020-25385
Nagios Log Server 2.1.7 contains a cross-site scripting (XSS) vulnerability in /nagioslogserver/configure/create_snapshot through the snapshot_name parameter, which may impact users who open a maliciously crafted link or third-party web page.
Nagios Log Server
1 Github repository
605
VMScore
CVE-2020-6585
Nagios Log Server 2.1.3 has CSRF.
Nagios Nagios 2.1.3
356
VMScore
CVE-2020-6584
Nagios Log Server 2.1.3 has Incorrect Access Control.
Nagios Nagios 2.1.3
312
VMScore
CVE-2020-6586
Nagios Log Server 2.1.3 allows XSS by visiting /profile and entering a crafted name field that is mishandled on the /admin/users page. Any malicious user with limited access can store an XSS payload in his Name. When any admin views this, the XSS is triggered.
Nagios Nagios 2.1.3
890
VMScore
CVE-2008-4796
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and previous versions, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote malicious users to execute arbitrary commands vi...
Snoopy Project Snoopy
Debian Debian Linux 4.0
Debian Debian Linux 5.0
Nagios Nagios
Wordpress Wordpress
NA
CVE-2020-161571
Nagios Log Server version 2.1.6 suffers from a persistent cross site scripting vulnerability.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started