Vulnerabilities > Pandorafms > Pandora FMS > 7.0.ng.761

DATE CVE VULNERABILITY TITLE RISK
2023-01-27 CVE-2022-43979 Path Traversal vulnerability in Pandorafms Pandora FMS
There is a Path Traversal that leads to a Local File Inclusion in Pandora FMS v764.
network
low complexity
pandorafms CWE-22
critical
9.8
2023-01-27 CVE-2022-43980 Cross-site Scripting vulnerability in Pandorafms Pandora FMS
There is a stored cross-site scripting vulnerability in Pandora FMS v765 in the network maps editing functionality.
network
low complexity
pandorafms CWE-79
5.4
2022-08-05 CVE-2021-46676 Cross-site Scripting vulnerability in Pandorafms Pandora FMS
A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the transactional maps name field.
network
low complexity
pandorafms CWE-79
6.1
2022-08-05 CVE-2021-46677 Cross-site Scripting vulnerability in Pandorafms Pandora FMS
A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the event filter name field.
network
low complexity
pandorafms CWE-79
6.1
2022-08-05 CVE-2021-46678 Cross-site Scripting vulnerability in Pandorafms Pandora FMS
A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the service name field.
network
low complexity
pandorafms CWE-79
6.1
2022-08-05 CVE-2021-46679 Cross-site Scripting vulnerability in Pandorafms Pandora FMS
A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via service elements.
network
low complexity
pandorafms CWE-79
6.1
2022-08-05 CVE-2021-46680 Cross-site Scripting vulnerability in Pandorafms Pandora FMS
A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the module form name field.
network
low complexity
pandorafms CWE-79
6.1
2022-07-25 CVE-2022-2032 Cross-site Scripting vulnerability in Pandorafms Pandora FMS
In Pandora FMS v7.0NG.761 and below, in the file manager section, the dirname parameter is vulnerable to a Stored Cross Site-Scripting.
network
low complexity
pandorafms CWE-79
4.8
2022-07-25 CVE-2022-2059 Cross-site Scripting vulnerability in Pandorafms Pandora FMS
In Pandora FMS v7.0NG.761 and below, in the agent creation section, the alias parameter is vulnerable to a Stored Cross Site-Scripting.
network
low complexity
pandorafms CWE-79
4.8
2022-03-10 CVE-2022-0507 SQL Injection vulnerability in Pandorafms Pandora FMS
Found a potential security vulnerability inside the Pandora API.
network
low complexity
pandorafms CWE-89
8.8