Vulnerabilities > Pandorafms > Pandora FMS > 746

DATE CVE VULNERABILITY TITLE RISK
2022-08-05 CVE-2021-46676 Cross-site Scripting vulnerability in Pandorafms Pandora FMS
A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the transactional maps name field.
network
low complexity
pandorafms CWE-79
6.1
6.1
2022-08-05 CVE-2021-46677 Cross-site Scripting vulnerability in Pandorafms Pandora FMS
A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the event filter name field.
network
low complexity
pandorafms CWE-79
6.1
6.1
2022-08-05 CVE-2021-46678 Cross-site Scripting vulnerability in Pandorafms Pandora FMS
A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the service name field.
network
low complexity
pandorafms CWE-79
6.1
6.1
2022-08-05 CVE-2021-46679 Cross-site Scripting vulnerability in Pandorafms Pandora FMS
A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via service elements.
network
low complexity
pandorafms CWE-79
6.1
6.1
2022-08-05 CVE-2021-46680 Cross-site Scripting vulnerability in Pandorafms Pandora FMS
A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the module form name field.
network
low complexity
pandorafms CWE-79
6.1
6.1
2022-03-10 CVE-2022-0507 SQL Injection vulnerability in Pandorafms Pandora FMS
Found a potential security vulnerability inside the Pandora API.
network
low complexity
pandorafms CWE-89
8.8
8.8
2021-06-25 CVE-2021-34074 Unrestricted Upload of File with Dangerous Type vulnerability in Pandorafms Pandora FMS
PandoraFMS <=7.54 allows arbitrary file upload, it leading to remote command execution via the File Manager.
network
low complexity
pandorafms CWE-434
critical
 9.8
9.8
2021-06-25 CVE-2021-35501 Cross-site Scripting vulnerability in Pandorafms Pandora FMS
PandoraFMS <=7.54 allows Stored XSS by placing a payload in the name field of a visual console.
network
low complexity
pandorafms CWE-79
5.4
5.4
2020-07-13 CVE-2020-11749 Cross-site Scripting vulnerability in Pandorafms Pandora FMS
Pandora FMS 7.0 NG <= 746 suffers from Multiple XSS vulnerabilities in different browser views.
network
low complexity
pandorafms CWE-79
critical
 9.0
9.0