Pandorafms

Pandora Fms

57 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-35304

  • EPSS 1.33%
  • Veröffentlicht 10.06.2024 15:15:51
  • Zuletzt bearbeitet 16.09.2025 15:52:02

System command injection through Netflow function due to improper input validation, allowing attackers to execute arbitrary system commands. This issue affects Pandora FMS: from 700 through <777.

6.4

CVE-2023-44090

  • EPSS 0.12%
  • Veröffentlicht 19.03.2024 17:15:08
  • Zuletzt bearbeitet 16.09.2025 15:47:59

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pandora FMS on all allows CVE-2008-5817. This vulnerability allowed SQL changes to be made to several files in the Grafana module. This issue affec...

6.5

CVE-2023-41793

  • EPSS 0.1%
  • Veröffentlicht 19.03.2024 17:15:08
  • Zuletzt bearbeitet 16.09.2025 15:15:05

: Path Traversal vulnerability in Pandora FMS on all allows Path Traversal. This vulnerability allowed changing directories and creating files and downloading them outside the allowed directories. This issue affects Pandora FMS: from 700 through <776...

9.8

CVE-2023-44091

  • EPSS 0.29%
  • Veröffentlicht 19.03.2024 17:15:08
  • Zuletzt bearbeitet 16.09.2025 15:49:46

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pandora FMS on all allows SQL Injection. This ulnerability allowed SQL injections to be made even if authentication failed.This issue affects Pandor...

9.1

CVE-2023-44092

  • EPSS 0.13%
  • Veröffentlicht 19.03.2024 17:15:08
  • Zuletzt bearbeitet 16.09.2025 15:51:17

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Pandora FMS on all allows OS Command Injection. This vulnerability allowed to create a reverse shell and execute commands in the OS. This issu...

6.1

CVE-2023-44089

  • EPSS 0.11%
  • Veröffentlicht 29.12.2023 12:15:44
  • Zuletzt bearbeitet 21.11.2024 08:25:12

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). It was possible to execute malicious JS code on Visual Consoles. This issue affects Pandora FM...

8.8

CVE-2023-44088

  • EPSS 0.2%
  • Veröffentlicht 29.12.2023 12:15:43
  • Zuletzt bearbeitet 21.11.2024 08:25:12

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pandora FMS on all allows SQL Injection. Arbitrary SQL queries were allowed to be executed using any account with low privileges. This issue affects...

6.1

CVE-2023-41815

  • EPSS 0.14%
  • Veröffentlicht 29.12.2023 12:15:43
  • Zuletzt bearbeitet 21.11.2024 08:21:44

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Malicious code could be executed in the File Manager section. This issue affects Pandora FMS: ...

6.1

CVE-2023-41814

  • EPSS 0.69%
  • Veröffentlicht 29.12.2023 12:15:43
  • Zuletzt bearbeitet 21.11.2024 08:21:43

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Through an HTML payload (iframe tag) it is possible to carry out XSS attacks when the user rec...

6.1

CVE-2023-41813

  • EPSS 0.51%
  • Veröffentlicht 29.12.2023 12:15:43
  • Zuletzt bearbeitet 21.11.2024 08:21:43

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Allows you to edit the Web Console user notification options. This issue affects Pandora FMS: ...