Vulnerabilities > Artica

DATE CVE VULNERABILITY TITLE RISK
2023-11-23 CVE-2023-41810 Cross-site Scripting vulnerability in Artica Pandora FMS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS).
network
low complexity
artica CWE-79
6.1
2023-11-23 CVE-2023-41811 Cross-site Scripting vulnerability in Artica Pandora FMS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS).
network
low complexity
artica CWE-79
6.1
2023-11-23 CVE-2023-41812 Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS
Unrestricted Upload of File with Dangerous Type vulnerability in Pandora FMS on all allows Accessing Functionality Not Properly Constrained by ACLs.
network
low complexity
artica CWE-434
8.8
2023-11-23 CVE-2023-4677 Information Exposure Through Log Files vulnerability in Artica Pandora FMS
Cron log backup files contain administrator session IDs.
network
low complexity
artica CWE-532
critical
9.8
2022-08-05 CVE-2021-46681 Cross-site Scripting vulnerability in Artica Pandora FMS
A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via module massive operation name field.
network
low complexity
artica CWE-79
6.1
2021-11-03 CVE-2021-36697 Injection vulnerability in Artica Pandora FMS
With an admin account, the .htaccess file in Artica Pandora FMS <=755 can be overwritten with the File Manager component.
local
low complexity
artica CWE-74
6.7
2021-11-03 CVE-2021-36698 Cross-site Scripting vulnerability in Artica Pandora FMS
Pandora FMS through 755 allows XSS via a new Event Filter with a crafted name.
network
low complexity
artica CWE-79
5.4
2021-10-07 CVE-2021-3833 Incorrect Comparison vulnerability in Artica Integria IMS 5.0.92
Integria IMS login check uses a loose comparator ("==") to compare the MD5 hash of the password provided by the user and the MD5 hash stored in the database.
network
low complexity
artica CWE-697
critical
9.8
2021-10-07 CVE-2021-3834 Cross-site Scripting vulnerability in Artica Integria IMS 5.0.92
Integria IMS in its 5.0.92 version does not filter correctly some fields related to the login.php file.
network
low complexity
artica CWE-79
6.1
2021-10-07 CVE-2021-3832 Unrestricted Upload of File with Dangerous Type vulnerability in Artica Integria IMS 5.0.92
Integria IMS in its 5.0.92 version is vulnerable to a Remote Code Execution attack through file uploading.
network
low complexity
artica CWE-434
critical
9.8