Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opentsdb opentsdb 2.3.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-35476
A remote code execution vulnerability occurs in OpenTSDB up to and including 2.4.0 via command injection in the yrange parameter. The yrange value is written to a gnuplot file in the /tmp directory. This file is then executed via the mygnuplot.sh shell script. (tsd/GraphHandler.j...
Opentsdb Opentsdb
1 Metasploit module
2 Github repositories
6.1
CVSSv3
CVE-2018-13003
An issue exists in OpenTSDB 2.3.0. There is XSS in parameter 'type' to the /suggest URI.
Opentsdb Opentsdb 2.3.0
9.8
CVSSv3
CVE-2018-12972
An issue exists in OpenTSDB 2.3.0. Many parameters to the /q URI can execute commands, including o, key, style, and yrange and y2range and their JSON input.
Opentsdb Opentsdb 2.3.0
6.1
CVSSv3
CVE-2018-12973
An issue exists in OpenTSDB 2.3.0. There is XSS in parameter 'json' to the /q URI.
Opentsdb Opentsdb 2.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started