Vulnerabilities > Artica > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-23 | CVE-2023-41786 | Exposure of Resource to Wrong Sphere vulnerability in Artica Pandora FMS Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pandora FMS on all allows File Discovery. | 6.5 |
| 2023-11-23 | CVE-2023-41789 | Cross-site Scripting vulnerability in Artica Pandora FMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). | 6.1 |
| 2023-11-23 | CVE-2023-41791 | Cross-site Scripting vulnerability in Artica Pandora FMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). | 5.4 |
| 2023-11-23 | CVE-2023-41792 | Cross-Site Request Forgery (CSRF) vulnerability in Artica Pandora FMS Cross-Site Request Forgery (CSRF) vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). | 6.1 |
| 2023-11-23 | CVE-2023-41810 | Cross-site Scripting vulnerability in Artica Pandora FMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). | 6.1 |
| 2023-11-23 | CVE-2023-41811 | Cross-site Scripting vulnerability in Artica Pandora FMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). | 6.1 |
| 2022-08-05 | CVE-2021-46681 | Cross-site Scripting vulnerability in Artica Pandora FMS A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via module massive operation name field. | 6.1 |
| 2021-11-03 | CVE-2021-36697 | Injection vulnerability in Artica Pandora FMS With an admin account, the .htaccess file in Artica Pandora FMS <=755 can be overwritten with the File Manager component. | 6.7 |
| 2021-11-03 | CVE-2021-36698 | Cross-site Scripting vulnerability in Artica Pandora FMS Pandora FMS through 755 allows XSS via a new Event Filter with a crafted name. | 5.4 |
| 2021-10-07 | CVE-2021-3834 | Cross-site Scripting vulnerability in Artica Integria IMS 5.0.92 Integria IMS in its 5.0.92 version does not filter correctly some fields related to the login.php file. | 6.1 |