Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8
CVE-2021-3325
- EPSS 1.38%
- Published 27.01.2021 19:15:13
- Last modified 21.11.2024 06:21:17
Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation (i.e., an installation without a hosts_deny option). This issue occurred because a new access-control feature was introduced without considering that so...
- EPSS 4.63%
- Published 31.12.2019 20:15:11
- Last modified 21.11.2024 02:00:16
The handle_request function in lib/HTTPServer.pm in Monitorix before 3.3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the URI.
6.1
CVE-2013-7071
- EPSS 0.58%
- Published 31.12.2019 20:15:11
- Last modified 21.11.2024 02:00:17
Cross-site scripting (XSS) vulnerability in the handle_request function in lib/HTTPServer.pm in Monitorix before 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
6.1
CVE-2018-7649
- EPSS 0.3%
- Published 02.08.2018 17:29:00
- Last modified 21.11.2024 04:12:28
Monitorix before 3.10.1 allows XSS via CGI variables.
1