Vulnerabilities > Pandorafms > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-27 | CVE-2022-43978 | Use of Hard-coded Credentials vulnerability in Pandorafms Pandora FMS There is an improper authentication vulnerability in Pandora FMS v764. | 3.7 |
| 2021-06-25 | CVE-2021-35501 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS PandoraFMS <=7.54 allows Stored XSS by placing a payload in the name field of a visual console. | 3.5 |
| 2020-06-11 | CVE-2020-13853 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS 7.44 Artica Pandora FMS 7.44 has persistent XSS in the Messages feature. | 3.5 |
| 2020-02-04 | CVE-2019-19968 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS 742 PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. | 3.5 |
| 2018-06-16 | CVE-2018-11223 | Cross-site Scripting vulnerability in Pandorafms Artica Pandora FMS XSS in Artica Pandora FMS before 7.0 NG 723 allows an attacker to execute arbitrary code via a crafted "refr" parameter in a "/pandora_console/index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=" call. | 3.5 |