Pandora Fms

pandora_fms

Vendor: Pandorafms • 46 CVEs

CVEs (46)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-13853 1Pandorafms 1Pandora Fms Nov 21, 2024 Jun 11, 2020 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Artica Pandora FMS 7.44 has persistent XSS in the Messages feature.
CVE-2020-13852 1Pandorafms 1Pandora Fms Nov 21, 2024 Jun 11, 2020 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remote command execution) via the File Manager feature.
CVE-2020-13851 1Pandorafms 1Pandora Fms Nov 21, 2024 Jun 11, 2020 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 Artica Pandora FMS 7.44 allows remote command execution via the events feature.
CVE-2020-13850 1Pandorafms 1Pandora Fms Nov 21, 2024 Jun 11, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Artica Pandora FMS 7.44 has inadequate access controls on a web folder.
CVE-2019-19968 1Pandorafms 1Pandora Fms Nov 21, 2024 Feb 4, 2020 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. An authenticated user can inject dangerous content into a data store that is later r...Show more PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. An authenticated user can inject dangerous content into a data store that is later read and included in dynamic content.Show less
CVE-2019-13035 1Pandorafms 1Pandora Fms Nov 21, 2024 Jun 29, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Artica Pandora FMS 7.0 NG before 735 suffers from local privilege escalation due to improper permissions on C:\PandoraFMS and its sub-folders, allowing standard users to create new files. Moreover, the Apache service htt...Show more Artica Pandora FMS 7.0 NG before 735 suffers from local privilege escalation due to improper permissions on C:\PandoraFMS and its sub-folders, allowing standard users to create new files. Moreover, the Apache service httpd.exe will try to execute cmd.exe from C:\PandoraFMS (the current directory) as NT AUTHORITY\SYSTEM upon web requests to the portal. This will effectively allow non-privileged users to escalate privileges to NT AUTHORITY\SYSTEM.Show less

Previous 1 23