Vulnerabilities > Pnp4Nagios

DATE	CVE	VULNERABILITY TITLE	RISK
2023-07-15	CVE-2023-38349	Cross-Site Request Forgery (CSRF) vulnerability in Pnp4Nagios 0.6.26 PNP4Nagios through 81ebfc5 lacks CSRF protection in the AJAX controller. network low complexity pnp4nagios CWE-352	8.8
2023-07-15	CVE-2023-38350	Cross-site Scripting vulnerability in Pnp4Nagios 0.6.26 PNP4Nagios through 81ebfc5 has stored XSS in the AJAX controller via the basket API and filters. network low complexity pnp4nagios CWE-79	5.4
2017-11-16	CVE-2017-16834	Incorrect Permission Assignment for Critical Resource vulnerability in Pnp4Nagios PNP4Nagios through 0.6.26 has /usr/bin/npcd and npcd.cfg owned by an unprivileged account but root code execution depends on these files, which allows local users to gain privileges by leveraging access to this unprivileged account. local low complexity pnp4nagios CWE-732	7.8

Vulnerabilities > Pnp4Nagios {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Pnp4Nagios"}]}