Vulnerabilities > Artica > Pandora FMS > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-23 | CVE-2023-41787 | Uncontrolled Search Path Element vulnerability in Artica Pandora FMS Uncontrolled Search Path Element vulnerability in Pandora FMS on all allows Leveraging/Manipulating Configuration File Search Paths. | 7.5 |
| 2023-11-23 | CVE-2023-41788 | Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS Unrestricted Upload of File with Dangerous Type vulnerability in Pandora FMS on all allows Accessing Functionality Not Properly Constrained by ACLs. | 8.8 |
| 2023-11-23 | CVE-2023-41806 | Unspecified vulnerability in Artica Pandora FMS Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. | 7.5 |
| 2023-11-23 | CVE-2023-41807 | Unspecified vulnerability in Artica Pandora FMS Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. | 8.8 |
| 2023-11-23 | CVE-2023-41808 | Unspecified vulnerability in Artica Pandora FMS Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. | 7.5 |
| 2023-11-23 | CVE-2023-41812 | Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS Unrestricted Upload of File with Dangerous Type vulnerability in Pandora FMS on all allows Accessing Functionality Not Properly Constrained by ACLs. | 8.8 |
| 2020-03-23 | CVE-2020-8511 | Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS In Artica Pandora FMS through 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the File Repository component, a different issue than CVE-2020-7935 and CVE-2020-8500. | 7.2 |
| 2020-03-23 | CVE-2020-7935 | Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS Artica Pandora FMS through 7.42 is vulnerable to remote PHP code execution because of an Unrestricted Upload Of A File With A Dangerous Type issue in the File Manager. | 7.2 |
| 2020-03-16 | CVE-2020-5844 | Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS 7.0Ng index.php?sec=godmode/extensions&sec2=extensions/files_repo in Pandora FMS v7.0 NG allows authenticated administrators to upload malicious PHP scripts, and execute them via base64 decoding of the file location. | 7.2 |
| 2020-03-02 | CVE-2020-8500 | Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS 7.42 In Artica Pandora FMS 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the Updater or Extension component. | 7.2 |