Vulnerabilities > Pandorafms > Low

DATE CVE VULNERABILITY TITLE RISK
2023-01-27 CVE-2022-43978 Use of Hard-coded Credentials vulnerability in Pandorafms Pandora FMS
There is an improper authentication vulnerability in Pandora FMS v764.
network
high complexity
pandorafms CWE-798
3.7
2021-06-25 CVE-2021-35501 Cross-site Scripting vulnerability in Pandorafms Pandora FMS
PandoraFMS <=7.54 allows Stored XSS by placing a payload in the name field of a visual console.
network
pandorafms CWE-79
3.5
2020-06-11 CVE-2020-13853 Cross-site Scripting vulnerability in Pandorafms Pandora FMS 7.44
Artica Pandora FMS 7.44 has persistent XSS in the Messages feature.
network
pandorafms CWE-79
3.5
2020-02-04 CVE-2019-19968 Cross-site Scripting vulnerability in Pandorafms Pandora FMS 742
PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components.
network
pandorafms CWE-79
3.5
2018-06-16 CVE-2018-11223 Cross-site Scripting vulnerability in Pandorafms Artica Pandora FMS
XSS in Artica Pandora FMS before 7.0 NG 723 allows an attacker to execute arbitrary code via a crafted "refr" parameter in a "/pandora_console/index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=" call.
network
pandorafms CWE-79
3.5