Vulnerabilities > Pandorafms > Pandora FMS > 7.0.ng.761
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-27 | CVE-2022-43979 | Path Traversal vulnerability in Pandorafms Pandora FMS There is a Path Traversal that leads to a Local File Inclusion in Pandora FMS v764. | 9.8 |
| 2023-01-27 | CVE-2022-43980 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS There is a stored cross-site scripting vulnerability in Pandora FMS v765 in the network maps editing functionality. | 5.4 |
| 2022-08-05 | CVE-2021-46676 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the transactional maps name field. | 6.1 |
| 2022-08-05 | CVE-2021-46677 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the event filter name field. | 6.1 |
| 2022-08-05 | CVE-2021-46678 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the service name field. | 6.1 |
| 2022-08-05 | CVE-2021-46679 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via service elements. | 6.1 |
| 2022-08-05 | CVE-2021-46680 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the module form name field. | 6.1 |
| 2022-07-25 | CVE-2022-2032 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS In Pandora FMS v7.0NG.761 and below, in the file manager section, the dirname parameter is vulnerable to a Stored Cross Site-Scripting. | 4.8 |
| 2022-07-25 | CVE-2022-2059 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS In Pandora FMS v7.0NG.761 and below, in the agent creation section, the alias parameter is vulnerable to a Stored Cross Site-Scripting. | 4.8 |
| 2022-03-10 | CVE-2022-0507 | SQL Injection vulnerability in Pandorafms Pandora FMS Found a potential security vulnerability inside the Pandora API. | 8.8 |