📦 Pandora Fms

This vulnerability allows attackers to execute arbitrary commands on Pandora FMS servers by exploiting a command injection flaw in the LDAP authentication mechanism. Attackers can gain full control of...

PandoraFMS versions up to 7.54 contain an arbitrary file upload vulnerability in the File Manager component. Attackers can bypass built-in protections using relative paths to upload malicious files, l...

This vulnerability allows authenticated users in Pandora FMS to execute arbitrary operating system commands through the net_tools.php functionality. Attackers can inject malicious commands via the sel...

This vulnerability allows authenticated attackers to read arbitrary files on Pandora FMS servers through the plugin edition feature. It affects Pandora FMS versions 700 through 777.2, potentially expo...

This CVE describes a cross-site scripting (XSS) vulnerability in Pandora FMS that allows attackers to inject malicious scripts into the File Manager section. When exploited, this could enable session ...

This stored cross-site scripting vulnerability in Pandora FMS allows attackers to inject malicious scripts into the Create event section. When users view the compromised page, the scripts execute in t...