Nagvis
nagvis
9 CVEs • 1 product
Products (1)
Click to collapseToggle
Products (1)
Click to collapse
CVEs (9)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames. |
Improper neutralization of input in Nagvis before version 1.9.47 which can lead to XSS |
Improper neutralization of input in Nagvis before version 1.9.47 which can lead to livestatus injection |
Improper neutralization of input in Nagvis before version 1.9.42 which can lead to XSS |
XSS exists in NagVis before 1.9.38 via the select function in share/server/core/functions/html.php. |
Nagvis before 1.9.34 was discovered to contain an arbitrary file read vulnerability via the component /core/classes/NagVisHoverUrl.php. |
A vulnerability was found in NagVis up to 1.9.33 and classified as problematic. This issue affects the function checkAuthCookie of the file share/server/core/classes/CoreLogonMultisite.php. The manipulation of the argume...Show more |
The Manage Backgrounds functionality within NagVis versions prior to 1.9.29 is vulnerable to an authenticated path traversal vulnerability. Exploitation of this results in a malicious actor having the ability to arbitrar...Show more |
An issue was discovered in NagVis 1.9b12. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "nagvis-master/share/userfiles/gadgets/std_table.php" URL. An attacker could execute a...Show more |