Pandora FMS

Settings | Report Duplicate

13

I Use This!

Activity Not Available

Analyzed 12 months ago. based on code collected over 1 year ago.

Security

Vulnerabilities per Version

Learn more about BDSAs

Major Versions

click and drag to zoom

Security Vulnerabilities for Version:

Severities:

Type

Identifier	Related Record	Severity	Date Published	Description	Versions Affected
CVE-2023-4677		Critical	Nov 23, 2023	Cron log backup files contain administrator session IDs. It is trivial for any attacker who can reach the Pandora FMS Console to scrape the cron logs d more...	755.755
CVE-2023-44089		Medium	Dec 29, 2023	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (X more...	755.755
CVE-2023-44088		High	Dec 29, 2023	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pandora FMS on all allows SQL Injection. Arbitrar more...	755.755
CVE-2023-41815		Medium	Dec 29, 2023	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (X more...	755.755
CVE-2023-41814		Medium	Dec 29, 2023	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (X more...	755.755
CVE-2023-41813		Medium	Dec 29, 2023	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (X more...	755.755
CVE-2023-41812		High	Nov 23, 2023	Unrestricted Upload of File with Dangerous Type vulnerability in Pandora FMS on all allows Accessing Functionality Not Properly Constrained by ACLs. Th more...	755.755
CVE-2023-41811		Medium	Nov 23, 2023	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (X more...	755.755
CVE-2023-41810		Medium	Nov 23, 2023	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (X more...	755.755
CVE-2023-41808		High	Nov 23, 2023	Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. This vulnerability allows an unauthorised user to escala more...	755.755

←
1
2
3
4
5
→