Multiple SQL injection vulnerabilities in Pandora FMS prior to 3.1.1 allow remote authenticated users to execute arbitrary SQL commands via (1) the id_group parameter in an operation/agentes/ver_agente action to ajax.php or (2) the group_id parameter in an operation/agentes/estado_agente action to index.php, related to operation/agentes/estado_agente.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
artica pandora fms 3.0 |
||
artica pandora fms 3.1 |
||
artica pandora fms 2.0 |
||
artica pandora fms 2.1.1 |
||
artica pandora fms 1.3.1 |
||
artica pandora fms 1.3 |
||
artica pandora fms 2.1 |
||
artica pandora fms 1.2 |
||
artica pandora fms |