Vulnerabilities > Artica

DATE CVE VULNERABILITY TITLE RISK
2021-10-07 CVE-2021-3833 Incorrect Authorization vulnerability in Artica Integria IMS 5.0.92
Integria IMS login check uses a loose comparator ("==") to compare the MD5 hash of the password provided by the user and the MD5 hash stored in the database.
network
low complexity
artica CWE-863
7.5
2021-10-07 CVE-2021-3834 Cross-site Scripting vulnerability in Artica Integria IMS 5.0.92
Integria IMS in its 5.0.92 version does not filter correctly some fields related to the login.php file.
network
artica CWE-79
4.3
2021-10-07 CVE-2021-3832 Unrestricted Upload of File with Dangerous Type vulnerability in Artica Integria IMS 5.0.92
Integria IMS in its 5.0.92 version is vulnerable to a Remote Code Execution attack through file uploading.
network
low complexity
artica CWE-434
7.5
2021-06-30 CVE-2021-34075 Exposure of Resource to Wrong Sphere vulnerability in Artica Pandora FMS
In Artica Pandora FMS <=754 in the File Manager component, there is sensitive information exposed on the client side which attackers can access.
network
artica CWE-668
4.3
2021-05-07 CVE-2021-32098 Deserialization of Untrusted Data vulnerability in Artica Pandora FMS 742
Artica Pandora FMS 742 allows unauthenticated attackers to perform Phar deserialization.
network
low complexity
artica CWE-502
7.5
2021-05-07 CVE-2021-32099 SQL Injection vulnerability in Artica Pandora FMS 742
A SQL injection vulnerability in the pandora_console component of Artica Pandora FMS 742 allows an unauthenticated attacker to upgrade his unprivileged session via the /include/chart_generator.php session_id parameter, leading to a login bypass.
network
low complexity
artica CWE-89
7.5
2021-05-07 CVE-2021-32100 Unspecified vulnerability in Artica Pandora FMS 742
A remote file inclusion vulnerability exists in Artica Pandora FMS 742, exploitable by the lowest privileged user.
network
low complexity
artica
4.0
2020-10-02 CVE-2020-26518 SQL Injection vulnerability in Artica Pandora FMS
Artica Pandora FMS before 743 allows unauthenticated attackers to conduct SQL injection attacks via the pandora_console/include/chart_generator.php session_id parameter.
network
low complexity
artica CWE-89
7.5
2020-03-23 CVE-2020-8511 Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS
In Artica Pandora FMS through 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the File Repository component, a different issue than CVE-2020-7935 and CVE-2020-8500.
network
low complexity
artica CWE-434
6.5
2020-03-23 CVE-2020-7935 Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS
Artica Pandora FMS through 7.42 is vulnerable to remote PHP code execution because of an Unrestricted Upload Of A File With A Dangerous Type issue in the File Manager.
network
low complexity
artica CWE-434
6.5