Vulnerabilities > Pandorafms
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-11 | CVE-2020-13850 | Missing Authorization vulnerability in Pandorafms Pandora FMS 7.44 Artica Pandora FMS 7.44 has inadequate access controls on a web folder. | 5.0 |
| 2020-02-04 | CVE-2019-19968 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS 742 PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. | 3.5 |
| 2019-06-29 | CVE-2019-13035 | Unspecified vulnerability in Pandorafms Pandora FMS Artica Pandora FMS 7.0 NG before 735 suffers from local privilege escalation due to improper permissions on C:\PandoraFMS and its sub-folders, allowing standard users to create new files. | 7.2 |
| 2018-06-16 | CVE-2018-11223 | Cross-site Scripting vulnerability in Pandorafms Artica Pandora FMS XSS in Artica Pandora FMS before 7.0 NG 723 allows an attacker to execute arbitrary code via a crafted "refr" parameter in a "/pandora_console/index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=" call. | 3.5 |
| 2014-11-19 | CVE-2014-8629 | Cross-Site Scripting vulnerability in Pandorafms Pandora Flexible Monitoring System Cross-site scripting (XSS) vulnerability in the Page visualization agents in Pandora FMS 5.1 SP1 and earlier allows remote attackers to inject arbitrary web script or HTML via the refr parameter to index.php. | 4.3 |