Vulnerabilities > Artica

DATE CVE VULNERABILITY TITLE RISK
2017-10-27 CVE-2017-15937 Information Exposure vulnerability in Artica Pandora FMS 7.0
Artica Pandora FMS version 7.0 leaks a full installation pathname via GET data when intercepting the main page's graph requisition.
network
low complexity
artica CWE-200
6.5
2017-10-27 CVE-2017-15936 Cross-site Scripting vulnerability in Artica Pandora FMS 7.0
In Artica Pandora FMS version 7.0, an Attacker with write Permission can create an agent with an XSS Payload; when a user enters the agent definitions page, the script will get executed.
network
low complexity
artica CWE-79
5.4
2017-10-27 CVE-2017-15935 Code Injection vulnerability in Artica Pandora FMS 7.0
Artica Pandora FMS version 7.0 is vulnerable to remote PHP code execution through the manager files function.
network
low complexity
artica CWE-94
7.2
2017-10-27 CVE-2017-15934 Cross-site Scripting vulnerability in Artica Pandora FMS 7.0
Artica Pandora FMS version 7.0 is vulnerable to stored Cross-Site Scripting in the map name parameter.
network
low complexity
artica CWE-79
5.4