Vulnerabilities > Ganglia
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-11 | CVE-2019-20379 | Cross-site Scripting vulnerability in Ganglia Ganglia-Web ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php cs parameter. | 4.3 |
| 2020-01-11 | CVE-2019-20378 | Cross-site Scripting vulnerability in Ganglia Ganglia-Web ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php ce parameter. | 4.3 |
| 2017-08-09 | CVE-2015-6816 | Improper Authentication vulnerability in multiple products ganglia-web before 3.7.1 allows remote attackers to bypass authentication. | 7.5 |
| 2014-04-02 | CVE-2013-1770 | Cross-Site Scripting vulnerability in Ganglia Ganglia-Web 3.5.7 Cross-site scripting (XSS) vulnerability in views_view.php in Ganglia Web 3.5.7 allows remote attackers to inject arbitrary web script or HTML via the view_name parameter. | 4.3 |
| 2013-12-05 | CVE-2013-6395 | Cross-Site Scripting vulnerability in Ganglia Ganglia-Web 3.5.10/3.5.8 Cross-site scripting (XSS) vulnerability in header.php in Ganglia Web 3.5.8 and 3.5.10 allows remote attackers to inject arbitrary web script or HTML via the host_regex parameter to the default URI, which is processed by get_context.php. | 4.3 |
| 2013-03-14 | CVE-2013-0275 | Cross-Site Scripting vulnerability in Ganglia Ganglia-Web Multiple cross-site scripting (XSS) vulnerabilities in Ganglia Web before 3.5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2012-08-06 | CVE-2012-3448 | PHP Code Execution vulnerability in Ganglia Unspecified vulnerability in Ganglia Web before 3.5.1 allows remote attackers to execute arbitrary PHP code via unknown attack vectors. | 7.5 |
| 2011-09-23 | CVE-2011-3741 | Information Exposure vulnerability in Ganglia 3.1.7 Ganglia 3.1.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by host_view.php and certain other files. | 5.0 |
| 2007-12-20 | CVE-2007-6465 | Cross-Site Scripting vulnerability in Ganglia Multiple cross-site scripting (XSS) vulnerabilities in ganglia-web in Ganglia before 3.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) c and (2) h parameters to (a) web/host_gmetrics.php; the (3) G, (4) me, (5) x, (6) n, (7) v, (8) l, (9) vl, and (10) st parameters to (b) web/graph.php; and the (11) c, (12) G, (13) h, (14) r, (15) m, (16) s, (17) cr, (18) hc, (19) sh, (20) p, (21) t, (22) jr, (23) js, (24) gw, (25) z, and (26) gs parameters to (c) web/get_context.php. | 4.3 |
| 2003-12-31 | CVE-2003-1163 | Remote Denial of Service vulnerability in Ganglia gmond Malformed Packet hash.c in Ganglia gmond 2.5.3 allows remote attackers to cause a denial of service (segmentation fault) via a UDP packet that contains a single-byte name string, which is used as an out-of-bounds array index. | 5.0 |