Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-05	CVE-2020-11547	Missing Authentication for Critical Function vulnerability in Paessler Prtg Network Monitor PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the server itself (CPU usage, memory, Windows version, and internal statistics) via an HTTP request, as demonstrated by type=probes to login.htm or index.htm. network low complexity paessler CWE-306	5.3
2020-02-03	CVE-2019-19119	Insufficiently Protected Credentials vulnerability in Paessler Prtg Network Monitor An issue was discovered in PRTG 7.x through 19.4.53. local low complexity paessler CWE-522	5.5
2019-12-31	CVE-2019-9207	Cross-site Scripting vulnerability in Paessler Prtg Network Monitor 7.1.3.3378 PRTG Network Monitor v7.1.3.3378 allows XSS via the /search.htm searchtext parameter. network low complexity paessler CWE-79	6.1
2019-12-31	CVE-2019-9206	Cross-site Scripting vulnerability in Paessler Prtg Network Monitor 7.1.3.3378 PRTG Network Monitor v7.1.3.3378 allows XSS via the /public/login.htm errormsg or loginurl parameter. network low complexity paessler CWE-79	6.1
2019-04-10	CVE-2018-14683	Cross-site Scripting vulnerability in Paessler Prtg Network Monitor PRTG before 19.1.49.1966 has Cross Site Scripting (XSS) in the WEBGUI. network low complexity paessler CWE-79	6.1
2017-10-26	CVE-2017-15917	Improper Privilege Management vulnerability in Paessler Prtg Network Monitor 17.3.33.2830 In Paessler PRTG Network Monitor 17.3.33.2830, it's possible to create a Map as a read-only user, by forging a request and sending it to the server. network low complexity paessler CWE-269	6.5
2017-10-20	CVE-2017-15651	Improper Input Validation vulnerability in Paessler Prtg Network Monitor 17.3.33.2830 PRTG Network Monitor 17.3.33.2830 allows remote authenticated administrators to execute arbitrary code by uploading a .exe file and then proceeding in spite of the error message. local low complexity paessler CWE-20	6.7
2017-10-15	CVE-2017-15360	Cross-site Scripting vulnerability in Paessler Prtg Network Monitor 17.3.33.2830 PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all group names created, related to incorrect error handling for an HTML encoded script. network low complexity paessler CWE-79	5.4
2017-10-04	CVE-2017-15009	Cross-site Scripting vulnerability in Paessler Prtg Network Monitor 17.3.33.2830 PRTG Network Monitor version 17.3.33.2830 is vulnerable to reflected Cross-Site Scripting on error.htm (the error page), via the errormsg parameter. network low complexity paessler CWE-79	6.1
2017-10-04	CVE-2017-15008	Cross-site Scripting vulnerability in Paessler Prtg Network Monitor 17.3.33.2830 PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all sensor titles, related to incorrect error handling for a %00 in the SRC attribute of an IMG element. network low complexity paessler CWE-79	4.8