Vulnerabilities > Pandorafms > Pandora FMS > 7.44
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-27 | CVE-2022-43979 | Path Traversal vulnerability in Pandorafms Pandora FMS There is a Path Traversal that leads to a Local File Inclusion in Pandora FMS v764. | 9.8 |
| 2023-01-27 | CVE-2022-43980 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS There is a stored cross-site scripting vulnerability in Pandora FMS v765 in the network maps editing functionality. | 5.4 |
| 2022-08-05 | CVE-2021-46676 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the transactional maps name field. | 6.1 |
| 2022-08-05 | CVE-2021-46677 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the event filter name field. | 6.1 |
| 2022-08-05 | CVE-2021-46678 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the service name field. | 6.1 |
| 2022-08-05 | CVE-2021-46679 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via service elements. | 6.1 |
| 2022-08-05 | CVE-2021-46680 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the module form name field. | 6.1 |
| 2022-03-10 | CVE-2022-0507 | SQL Injection vulnerability in Pandorafms Pandora FMS Found a potential security vulnerability inside the Pandora API. | 8.8 |
| 2021-06-25 | CVE-2021-34074 | Unrestricted Upload of File with Dangerous Type vulnerability in Pandorafms Pandora FMS PandoraFMS <=7.54 allows arbitrary file upload, it leading to remote command execution via the File Manager. | 9.8 |
| 2021-06-25 | CVE-2021-35501 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS PandoraFMS <=7.54 allows Stored XSS by placing a payload in the name field of a visual console. | 5.4 |