Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-24517 | 1 Pandorafms | 1 Pandora Fms | 2023-08-26 | N/A | 9.8 CRITICAL |
| Unrestricted Upload of File with Dangerous Type vulnerability in the Pandora FMS File Manager component, allows an attacker to make make use of this issue ( unrestricted file upload ) to execute arbitrary system commands. This issue affects Pandora FMS v767 version and prior versions on all platforms. | |||||
| CVE-2021-34074 | 1 Pandorafms | 1 Pandora Fms | 2021-07-01 | 7.5 HIGH | 9.8 CRITICAL |
| PandoraFMS <=7.54 allows arbitrary file upload, it leading to remote command execution via the File Manager. To bypass the built-in protection, a relative path is used in the requests. | |||||
| CVE-2020-11749 | 1 Pandorafms | 1 Pandora Fms | 2020-07-30 | 9.3 HIGH | 9.6 CRITICAL |
| Pandora FMS 7.0 NG <= 746 suffers from Multiple XSS vulnerabilities in different browser views. A network administrator scanning a SNMP device can trigger a Cross Site Scripting (XSS), which can run arbitrary code to allow Remote Code Execution as root or apache2. | |||||
| CVE-2020-13854 | 1 Pandorafms | 1 Pandora Fms | 2020-06-11 | 10.0 HIGH | 9.8 CRITICAL |
| Artica Pandora FMS 7.44 allows privilege escalation. | |||||