Vulnerabilities > Pandorafms > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-15 | CVE-2022-47372 | Unspecified vulnerability in Pandorafms Pandora FMS Stored cross-site scripting vulnerability in the Create event section in Pandora FMS Console v766 and lower. | 5.4 |
| 2023-02-15 | CVE-2022-47373 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS Reflected Cross Site Scripting in Search Functionality of Module Library in Pandora FMS Console v766 and lower. | 6.1 |
| 2023-01-27 | CVE-2022-43980 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS There is a stored cross-site scripting vulnerability in Pandora FMS v765 in the network maps editing functionality. | 5.4 |
| 2022-08-05 | CVE-2021-46676 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the transactional maps name field. | 6.1 |
| 2022-08-05 | CVE-2021-46677 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the event filter name field. | 6.1 |
| 2022-08-05 | CVE-2021-46678 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the service name field. | 6.1 |
| 2022-08-05 | CVE-2021-46679 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via service elements. | 6.1 |
| 2022-08-05 | CVE-2021-46680 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the module form name field. | 6.1 |
| 2022-08-01 | CVE-2022-26308 | Unspecified vulnerability in Pandorafms Pandora FMS Pandora FMS v7.0NG.760 and below allows an improper access control in Configuration (Credential store) where a user with the role of Operator (Write) could create, delete, view existing keys which are outside the intended role. | 5.4 |
| 2022-07-25 | CVE-2022-2032 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS In Pandora FMS v7.0NG.761 and below, in the file manager section, the dirname parameter is vulnerable to a Stored Cross Site-Scripting. | 4.8 |