Vulnerabilities > Artica
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-03 | CVE-2021-36697 | Injection vulnerability in Artica Pandora FMS With an admin account, the .htaccess file in Artica Pandora FMS <=755 can be overwritten with the File Manager component. | 4.6 |
| 2021-11-03 | CVE-2021-36698 | Cross-site Scripting vulnerability in Artica Pandora FMS Pandora FMS through 755 allows XSS via a new Event Filter with a crafted name. | 3.5 |
| 2021-10-07 | CVE-2021-3833 | Incorrect Comparison vulnerability in Artica Integria IMS 5.0.92 Integria IMS login check uses a loose comparator ("==") to compare the MD5 hash of the password provided by the user and the MD5 hash stored in the database. | 9.8 |
| 2021-10-07 | CVE-2021-3834 | Cross-site Scripting vulnerability in Artica Integria IMS 5.0.92 Integria IMS in its 5.0.92 version does not filter correctly some fields related to the login.php file. | 4.3 |
| 2021-10-07 | CVE-2021-3832 | Unrestricted Upload of File with Dangerous Type vulnerability in Artica Integria IMS 5.0.92 Integria IMS in its 5.0.92 version is vulnerable to a Remote Code Execution attack through file uploading. | 7.5 |
| 2021-06-30 | CVE-2021-34075 | Insufficiently Protected Credentials vulnerability in Artica Pandora FMS In Artica Pandora FMS <=754 in the File Manager component, there is sensitive information exposed on the client side which attackers can access. | 4.3 |
| 2021-05-07 | CVE-2021-32098 | Deserialization of Untrusted Data vulnerability in Artica Pandora FMS 742 Artica Pandora FMS 742 allows unauthenticated attackers to perform Phar deserialization. | 7.5 |
| 2021-05-07 | CVE-2021-32099 | SQL Injection vulnerability in Artica Pandora FMS 742 A SQL injection vulnerability in the pandora_console component of Artica Pandora FMS 742 allows an unauthenticated attacker to upgrade his unprivileged session via the /include/chart_generator.php session_id parameter, leading to a login bypass. | 7.5 |
| 2021-05-07 | CVE-2021-32100 | Unspecified vulnerability in Artica Pandora FMS 742 A remote file inclusion vulnerability exists in Artica Pandora FMS 742, exploitable by the lowest privileged user. | 4.0 |
| 2020-10-02 | CVE-2020-26518 | SQL Injection vulnerability in Artica Pandora FMS Artica Pandora FMS before 743 allows unauthenticated attackers to conduct SQL injection attacks via the pandora_console/include/chart_generator.php session_id parameter. | 7.5 |