Vulnerabilities > Pandorafms > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-15 | CVE-2022-47372 | Cross-Site Request Forgery (CSRF) vulnerability in Pandorafms Pandora FMS Stored cross-site scripting vulnerability in the Create event section in Pandora FMS Console v766 and lower. | 5.4 |
| 2023-02-15 | CVE-2022-47373 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS Reflected Cross Site Scripting in Search Functionality of Module Library in Pandora FMS Console v766 and lower. | 6.1 |
| 2023-01-27 | CVE-2022-43980 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS There is a stored cross-site scripting vulnerability in Pandora FMS v765 in the network maps editing functionality. | 5.4 |
| 2020-06-11 | CVE-2020-13850 | Missing Authorization vulnerability in Pandorafms Pandora FMS 7.44 Artica Pandora FMS 7.44 has inadequate access controls on a web folder. | 5.0 |
| 2014-11-19 | CVE-2014-8629 | Cross-Site Scripting vulnerability in Pandorafms Pandora Flexible Monitoring System Cross-site scripting (XSS) vulnerability in the Page visualization agents in Pandora FMS 5.1 SP1 and earlier allows remote attackers to inject arbitrary web script or HTML via the refr parameter to index.php. | 4.3 |