Vulnerabilities > Fibranet > Monitorix > 0.9.1

DATE CVE VULNERABILITY TITLE RISK
2019-12-31 CVE-2013-7071 Cross-site Scripting vulnerability in Fibranet Monitorix
Cross-site scripting (XSS) vulnerability in the handle_request function in lib/HTTPServer.pm in Monitorix before 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
network
fibranet CWE-79
4.3
4.3
2019-12-31 CVE-2013-7070 Injection vulnerability in Fibranet Monitorix
The handle_request function in lib/HTTPServer.pm in Monitorix before 3.3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the URI.
network
low complexity
fibranet CWE-74
critical
 10.0
10
2018-08-02 CVE-2018-7649 Cross-site Scripting vulnerability in Fibranet Monitorix
Monitorix before 3.10.1 allows XSS via CGI variables.
network
fibranet CWE-79
4.3
4.3