Vulnerabilities > Nagios > Nagios XI > 5.4.13

DATE CVE VULNERABILITY TITLE RISK
2018-12-17 CVE-2018-20171 Cross-site Scripting vulnerability in Nagios XI
An issue was discovered in Nagios XI before 5.5.8.
network
nagios CWE-79
4.3
4.3
2018-04-30 CVE-2018-10554 Cross-Site Request Forgery (CSRF) vulnerability in Nagios XI 5.4.13
An issue was discovered in Nagios XI 5.4.13.
network
nagios CWE-352
3.5
3.5
2018-04-30 CVE-2018-10553 Path Traversal vulnerability in Nagios XI 5.4.13
An issue was discovered in Nagios XI 5.4.13.
network
low complexity
nagios CWE-22
4.0
4.0
2013-11-26 CVE-2013-6875 SQL Injection vulnerability in Nagios XI
SQL injection vulnerability in functions/prepend_adm.php in Nagios Core Config Manager in Nagios XI before 2012R2.4 allows remote attackers to execute arbitrary SQL commands via the tfPassword parameter to nagiosql/index.php.
network
low complexity
nagios CWE-89
7.5
7.5