Vulnerabilities > Artica
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-23 | CVE-2023-41810 | Cross-site Scripting vulnerability in Artica Pandora FMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). | 6.1 |
2023-11-23 | CVE-2023-41811 | Cross-site Scripting vulnerability in Artica Pandora FMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). | 6.1 |
2023-11-23 | CVE-2023-41812 | Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS Unrestricted Upload of File with Dangerous Type vulnerability in Pandora FMS on all allows Accessing Functionality Not Properly Constrained by ACLs. | 8.8 |
2023-11-23 | CVE-2023-4677 | Information Exposure Through Log Files vulnerability in Artica Pandora FMS Cron log backup files contain administrator session IDs. | 9.8 |
2021-11-03 | CVE-2021-36697 | Injection vulnerability in Artica Pandora FMS With an admin account, the .htaccess file in Artica Pandora FMS <=755 can be overwritten with the File Manager component. | 4.6 |
2021-11-03 | CVE-2021-36698 | Cross-site Scripting vulnerability in Artica Pandora FMS Pandora FMS through 755 allows XSS via a new Event Filter with a crafted name. | 3.5 |
2021-10-07 | CVE-2021-3833 | Incorrect Comparison vulnerability in Artica Integria IMS 5.0.92 Integria IMS login check uses a loose comparator ("==") to compare the MD5 hash of the password provided by the user and the MD5 hash stored in the database. | 9.8 |
2021-10-07 | CVE-2021-3834 | Cross-site Scripting vulnerability in Artica Integria IMS 5.0.92 Integria IMS in its 5.0.92 version does not filter correctly some fields related to the login.php file. | 6.1 |
2021-10-07 | CVE-2021-3832 | Unrestricted Upload of File with Dangerous Type vulnerability in Artica Integria IMS 5.0.92 Integria IMS in its 5.0.92 version is vulnerable to a Remote Code Execution attack through file uploading. | 7.5 |
2021-06-30 | CVE-2021-34075 | Insufficiently Protected Credentials vulnerability in Artica Pandora FMS In Artica Pandora FMS <=754 in the File Manager component, there is sensitive information exposed on the client side which attackers can access. | 4.3 |