Vulnerabilities > Artica > High

DATE CVE VULNERABILITY TITLE RISK
2023-11-23 CVE-2023-41787 Uncontrolled Search Path Element vulnerability in Artica Pandora FMS
Uncontrolled Search Path Element vulnerability in Pandora FMS on all allows Leveraging/Manipulating Configuration File Search Paths.
network
low complexity
artica CWE-427
7.5
7.5
2023-11-23 CVE-2023-41788 Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS
Unrestricted Upload of File with Dangerous Type vulnerability in Pandora FMS on all allows Accessing Functionality Not Properly Constrained by ACLs.
network
low complexity
artica CWE-434
8.8
8.8
2023-11-23 CVE-2023-41806 Unspecified vulnerability in Artica Pandora FMS
Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation.
network
low complexity
artica
7.5
7.5
2023-11-23 CVE-2023-41807 Unspecified vulnerability in Artica Pandora FMS
Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation.
network
low complexity
artica
8.8
8.8
2023-11-23 CVE-2023-41808 Unspecified vulnerability in Artica Pandora FMS
Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation.
network
low complexity
artica
7.5
7.5
2023-11-23 CVE-2023-41812 Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS
Unrestricted Upload of File with Dangerous Type vulnerability in Pandora FMS on all allows Accessing Functionality Not Properly Constrained by ACLs.
network
low complexity
artica CWE-434
8.8
8.8
2021-10-07 CVE-2021-3832 Unrestricted Upload of File with Dangerous Type vulnerability in Artica Integria IMS 5.0.92
Integria IMS in its 5.0.92 version is vulnerable to a Remote Code Execution attack through file uploading.
network
low complexity
artica CWE-434
7.5
7.5
2021-05-07 CVE-2021-32098 Deserialization of Untrusted Data vulnerability in Artica Pandora FMS 742
Artica Pandora FMS 742 allows unauthenticated attackers to perform Phar deserialization.
network
low complexity
artica CWE-502
7.5
7.5
2021-05-07 CVE-2021-32099 SQL Injection vulnerability in Artica Pandora FMS 742
A SQL injection vulnerability in the pandora_console component of Artica Pandora FMS 742 allows an unauthenticated attacker to upgrade his unprivileged session via the /include/chart_generator.php session_id parameter, leading to a login bypass.
network
low complexity
artica CWE-89
7.5
7.5
2020-10-02 CVE-2020-26518 SQL Injection vulnerability in Artica Pandora FMS
Artica Pandora FMS before 743 allows unauthenticated attackers to conduct SQL injection attacks via the pandora_console/include/chart_generator.php session_id parameter.
network
low complexity
artica CWE-89
7.5
7.5