Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
274077.8%CRITICAL

Related CVEs

74
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2026-34187Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via graph container parameter. This issue affects Pandora FMS: from 777 through 800HIGH7.619.1%May 12, 2026
CVE-2026-30810Server-Side Request Forgery vulnerability allows Privilege Escalation via API Checker extension. This issue affects Pandora FMS: from 777 through 800HIGH7.121.8%May 12, 2026
CVE-2026-30808Session Fixation vulnerability allows Session Hijacking via crafted session ID. This issue affects Pandora FMS: from 777 through 800HIGH7.618.3%May 12, 2026
CVE-2026-30807Cross-Site Request Forgery vulnerability allows an attacker to perform unauthorized actions via crafted web page. This issue affects Pandora FMS: from 777 through 800HIGH7.14.1%May 12, 2026
CVE-2026-30805Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS: from 777 through 800CRITICAL9.125.9%May 12, 2026
CVE-2026-34188Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via Event Response execution. This issue affects Pandora FMS: from 777 through 800HIGH7.560.7%Apr 13, 2026
CVE-2026-34186Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via custom fields. This issue affects Pandora FMS: from 777 through 800HIGH8.716.1%Apr 13, 2026
CVE-2026-30813Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800HIGH8.725.8%Apr 13, 2026
CVE-2026-30812Improper Neutralization of Input During Web Page Generation vulnerability allows Stored Cross-Site Scripting via event comments. This issue affects Pandora FMS: from 777 through 800LOW2.17.6%Apr 13, 2026
CVE-2026-30811Missing Authorization vulnerability allows Exposure of Sensitive Information via configuration endpoint. This issue affects Pandora FMS: from 777 through 800HIGH8.418.5%Apr 13, 2026
CVE-2026-30809Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via WebServerModuleDebug. This issue affects Pandora FMS: from 777 through 800HIGH8.756.4%Apr 13, 2026
CVE-2026-30806Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via Network Report. This issue affects Pandora FMS: from 777 through 800HIGH8.756.4%Apr 13, 2026
CVE-2026-30804Unrestricted Upload of File with Dangerous Type vulnerability allows Remote Code Execution via file upload. This issue affects Pandora FMS: from 777 through 800HIGH8.634.6%Apr 13, 2026
CVE-2025-5306Improper Neutralization of Special Elements in the Netflow directory field may allow OS command injection. This issue affects Pandora FMS 774 through 778HIGH7.097.1%Jun 27, 2025
CVE-2024-12992Improper Neutralization of Special Elements used in a Command vulnerability allows OS Command Injection via RCE. This issue affects Pandora FMS from 700 to 777.6 .HIGH8.665.9%Mar 17, 2025
CVE-2024-12971Improper Neutralization of Special Elements used in a Command vulnerability allows OS Command Injection.This issue affects Pandora FMS from 700 to 777.6HIGH8.699.0%Mar 17, 2025
CVE-2024-35307Argument Injection Leading to Remote Code Execution in Realtime Graph Extension, allowing unauthenticated attackers to execute arbitrary code on the server. This issue affects Pandora FMS: from 700 through <777.CRITICAL9.455.6%Jun 10, 2024
CVE-2024-35306OS Command injection in Ajax PHP files via HTTP Request, allows to execute system commands by exploiting variables. This issue affects Pandora FMS: from 700 through <777.HIGH8.756.0%Jun 10, 2024
CVE-2024-35305Unauth Time-Based SQL Injection in API allows to exploit HTTP request Authorization header. This issue affects Pandora FMS: from 700 through <777.HIGH8.929.2%Jun 10, 2024
CVE-2024-35304System command injection through Netflow function due to improper input validation, allowing attackers to execute arbitrary system commands. This issue affects Pandora FMS: from 700 through <777.CRITICAL9.361.2%Jun 10, 2024