Vulnerabilities > Pandorafms > Pandora FMS
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-25 | CVE-2021-34074 | Unrestricted Upload of File with Dangerous Type vulnerability in Pandorafms Pandora FMS PandoraFMS <=7.54 allows arbitrary file upload, it leading to remote command execution via the File Manager. | 7.5 |
2021-06-25 | CVE-2021-35501 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS PandoraFMS <=7.54 allows Stored XSS by placing a payload in the name field of a visual console. | 3.5 |
2020-07-13 | CVE-2020-11749 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS Pandora FMS 7.0 NG <= 746 suffers from Multiple XSS vulnerabilities in different browser views. | 9.0 |
2020-06-11 | CVE-2020-13855 | Unrestricted Upload of File with Dangerous Type vulnerability in Pandorafms Pandora FMS 7.44 Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remote command execution) via the File Repository Manager feature. | 9.0 |
2020-06-11 | CVE-2020-13854 | Improper Privilege Management vulnerability in Pandorafms Pandora FMS 7.44 Artica Pandora FMS 7.44 allows privilege escalation. | 10.0 |
2020-06-11 | CVE-2020-13853 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS 7.44 Artica Pandora FMS 7.44 has persistent XSS in the Messages feature. | 3.5 |
2020-06-11 | CVE-2020-13852 | Unrestricted Upload of File with Dangerous Type vulnerability in Pandorafms Pandora FMS 7.44 Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remote command execution) via the File Manager feature. | 9.0 |
2020-06-11 | CVE-2020-13851 | OS Command Injection vulnerability in Pandorafms Pandora FMS 7.44 Artica Pandora FMS 7.44 allows remote command execution via the events feature. | 9.0 |
2020-06-11 | CVE-2020-13850 | Missing Authorization vulnerability in Pandorafms Pandora FMS 7.44 Artica Pandora FMS 7.44 has inadequate access controls on a web folder. | 5.0 |
2020-02-04 | CVE-2019-19968 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS 742 PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. | 3.5 |