Vulnerabilities > Artica > Pandora FMS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-23 | CVE-2020-7935 | Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS Artica Pandora FMS through 7.42 is vulnerable to remote PHP code execution because of an Unrestricted Upload Of A File With A Dangerous Type issue in the File Manager. | 6.5 |
| 2020-03-23 | CVE-2020-8497 | Information Exposure vulnerability in Artica Pandora FMS In Artica Pandora FMS through 7.42, an unauthenticated attacker can read the chat history. | 5.0 |
| 2018-06-16 | CVE-2018-11222 | Improper Input Validation vulnerability in Artica Pandora FMS Local File Inclusion (LFI) in Artica Pandora FMS through version 7.23 allows an attacker to call any php file via the /pandora_console/ajax.php ajax endpoint. | 5.0 |
| 2017-10-27 | CVE-2017-15937 | Information Exposure vulnerability in Artica Pandora FMS 7.0 Artica Pandora FMS version 7.0 leaks a full installation pathname via GET data when intercepting the main page's graph requisition. | 4.0 |