Vulnerabilities > Pandorafms > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-21 | CVE-2024-11320 | Command Injection vulnerability in Pandorafms Pandora FMS Arbitrary commands execution on the server by exploiting a command injection vulnerability in the LDAP authentication mechanism. | 9.8 |
| 2023-06-13 | CVE-2023-2807 | Authentication Bypass by Spoofing vulnerability in Pandorafms Pandora FMS Authentication Bypass by Spoofing vulnerability in the password reset process of Pandora FMS allows an unauthenticated attacker to initiate a password reset process for any user account without proper authentication. | 9.8 |
| 2023-01-27 | CVE-2022-43979 | Path Traversal vulnerability in Pandorafms Pandora FMS There is a Path Traversal that leads to a Local File Inclusion in Pandora FMS v764. | 9.8 |
| 2021-06-25 | CVE-2021-34074 | Unrestricted Upload of File with Dangerous Type vulnerability in Pandorafms Pandora FMS PandoraFMS <=7.54 allows arbitrary file upload, it leading to remote command execution via the File Manager. | 9.8 |
| 2020-07-13 | CVE-2020-11749 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS Pandora FMS 7.0 NG <= 746 suffers from Multiple XSS vulnerabilities in different browser views. | 9.0 |
| 2020-06-11 | CVE-2020-13854 | Improper Privilege Management vulnerability in Pandorafms Pandora FMS 7.44 Artica Pandora FMS 7.44 allows privilege escalation. | 9.8 |