Total
67 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-30804 | 1 Artica | 1 Pandora Fms | 2026-04-22 | N/A | 7.2 HIGH |
| Unrestricted Upload of File with Dangerous Type vulnerability allows Remote Code Execution via file upload. This issue affects Pandora FMS: from 777 through 800 | |||||
| CVE-2026-30811 | 1 Artica | 1 Pandora Fms | 2026-04-22 | N/A | 6.5 MEDIUM |
| Missing Authorization vulnerability allows Exposure of Sensitive Information via configuration endpoint. This issue affects Pandora FMS: from 777 through 800 | |||||
| CVE-2026-34188 | 1 Artica | 1 Pandora Fms | 2026-04-22 | N/A | 7.2 HIGH |
| Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via Event Response execution. This issue affects Pandora FMS: from 777 through 800 | |||||
| CVE-2024-35307 | 1 Artica | 1 Pandora Fms | 2025-09-16 | N/A | 9.8 CRITICAL |
| Argument Injection Leading to Remote Code Execution in Realtime Graph Extension, allowing unauthenticated attackers to execute arbitrary code on the server. This issue affects Pandora FMS: from 700 through <777. | |||||
| CVE-2024-12971 | 1 Artica | 1 Pandora Fms | 2025-09-16 | N/A | 8.8 HIGH |
| Improper Neutralization of Special Elements used in a Command vulnerability allows OS Command Injection.This issue affects Pandora FMS from 700 to 777.6 | |||||
| CVE-2024-12992 | 1 Artica | 1 Pandora Fms | 2025-09-16 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in a Command vulnerability allows OS Command Injection via RCE. This issue affects Pandora FMS from 700 to 777.6 . | |||||
| CVE-2024-35306 | 1 Artica | 1 Pandora Fms | 2025-09-16 | N/A | 9.8 CRITICAL |
| OS Command injection in Ajax PHP files via HTTP Request, allows to execute system commands by exploiting variables. This issue affects Pandora FMS: from 700 through <777. | |||||
| CVE-2024-35305 | 1 Artica | 1 Pandora Fms | 2025-09-16 | N/A | 9.8 CRITICAL |
| Unauth Time-Based SQL Injection in API allows to exploit HTTP request Authorization header. This issue affects Pandora FMS: from 700 through <777. | |||||
| CVE-2024-35304 | 1 Artica | 1 Pandora Fms | 2025-09-16 | N/A | 9.8 CRITICAL |
| System command injection through Netflow function due to improper input validation, allowing attackers to execute arbitrary system commands. This issue affects Pandora FMS: from 700 through <777. | |||||
| CVE-2023-44092 | 1 Artica | 1 Pandora Fms | 2025-09-16 | N/A | 7.6 HIGH |
| Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Pandora FMS on all allows OS Command Injection. This vulnerability allowed to create a reverse shell and execute commands in the OS. This issue affects Pandora FMS: from 700 through <776. | |||||
| CVE-2023-44091 | 1 Artica | 1 Pandora Fms | 2025-09-16 | N/A | 7.5 HIGH |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pandora FMS on all allows SQL Injection. This ulnerability allowed SQL injections to be made even if authentication failed.This issue affects Pandora FMS: from 700 through <776. | |||||
| CVE-2023-44090 | 1 Artica | 1 Pandora Fms | 2025-09-16 | N/A | 6.8 MEDIUM |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pandora FMS on all allows CVE-2008-5817. This vulnerability allowed SQL changes to be made to several files in the Grafana module. This issue affects Pandora FMS: from 700 through <776. | |||||
| CVE-2023-41793 | 1 Artica | 1 Pandora Fms | 2025-09-16 | N/A | 6.7 MEDIUM |
| : Path Traversal vulnerability in Pandora FMS on all allows Path Traversal. This vulnerability allowed changing directories and creating files and downloading them outside the allowed directories. This issue affects Pandora FMS: from 700 through <776. | |||||
| CVE-2025-5306 | 1 Artica | 1 Pandora Fms | 2025-09-16 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements in the Netflow directory field may allow OS command injection. This issue affects Pandora FMS 774 through 778 | |||||
| CVE-2023-4677 | 1 Artica | 1 Pandora Fms | 2024-11-21 | N/A | 7.0 HIGH |
| Cron log backup files contain administrator session IDs. It is trivial for any attacker who can reach the Pandora FMS Console to scrape the cron logs directory for cron log backups. The contents of these log files can then be abused to authenticate to the application as an administrator. This issue affects Pandora FMS <= 772. | |||||
| CVE-2023-41812 | 1 Artica | 1 Pandora Fms | 2024-11-21 | N/A | 5.7 MEDIUM |
| Unrestricted Upload of File with Dangerous Type vulnerability in Pandora FMS on all allows Accessing Functionality Not Properly Constrained by ACLs. This vulnerability allowed PHP executable files to be uploaded through the file manager. This issue affects Pandora FMS: from 700 through 773. | |||||
| CVE-2023-41811 | 1 Artica | 1 Pandora Fms | 2024-11-21 | N/A | 5.3 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allowed Javascript code to be executed in the news section of the web console. This issue affects Pandora FMS: from 700 through 773. | |||||
| CVE-2023-41810 | 1 Artica | 1 Pandora Fms | 2024-11-21 | N/A | 4.0 MEDIUM |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allowed Javascript code to be executed in some Widgets' text box. This issue affects Pandora FMS: from 700 through 773. | |||||
| CVE-2023-41808 | 1 Artica | 1 Pandora Fms | 2024-11-21 | N/A | 8.5 HIGH |
| Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. This vulnerability allows an unauthorised user to escalate and read sensitive files as if they were root. This issue affects Pandora FMS: from 700 through 773. | |||||
| CVE-2023-41807 | 1 Artica | 1 Pandora Fms | 2024-11-21 | N/A | 9.1 CRITICAL |
| Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. This vulnerability allows a user to escalate permissions on the system shell. This issue affects Pandora FMS: from 700 through 773. | |||||