Shodan
Vulnerabilities
Vulnerable Software
Artica:  >> Pandora Fms  Security Vulnerabilities
CVE-2026-30806
Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via Network Report. This issue affects Pandora FMS: from 777 through 800
CVSS Score
8.7
EPSS Score
0.002
Published
2026-04-13
CVE-2026-30809
Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via WebServerModuleDebug. This issue affects Pandora FMS: from 777 through 800
CVSS Score
8.7
EPSS Score
0.002
Published
2026-04-13
CVE-2026-30811
Missing Authorization vulnerability allows Exposure of Sensitive Information via configuration endpoint. This issue affects Pandora FMS: from 777 through 800
CVSS Score
8.4
EPSS Score
0.0
Published
2026-04-13
CVE-2025-5306
Improper Neutralization of Special Elements in the Netflow directory field may allow OS command injection. This issue affects Pandora FMS 774 through 778
CVSS Score
7.0
EPSS Score
0.713
Published
2025-06-27
CVE-2024-12992
Improper Neutralization of Special Elements used in a Command vulnerability allows OS Command Injection via RCE. This issue affects Pandora FMS from 700 to 777.6 .
CVSS Score
8.6
EPSS Score
0.006
Published
2025-03-17
CVE-2024-12971
Improper Neutralization of Special Elements used in a Command vulnerability allows OS Command Injection.This issue affects Pandora FMS from 700 to 777.6
CVSS Score
8.6
EPSS Score
0.831
Published
2025-03-17
CVE-2024-35304
System command injection through Netflow function due to improper input validation, allowing attackers to execute arbitrary system commands. This issue affects Pandora FMS: from 700 through <777.
CVSS Score
9.3
EPSS Score
0.018
Published
2024-06-10
CVE-2024-35305
Unauth Time-Based SQL Injection in API allows to exploit HTTP request Authorization header. This issue affects Pandora FMS: from 700 through <777.
CVSS Score
8.9
EPSS Score
0.004
Published
2024-06-10
CVE-2024-35306
OS Command injection in Ajax PHP files via HTTP Request, allows to execute system commands by exploiting variables. This issue affects Pandora FMS: from 700 through <777.
CVSS Score
8.7
EPSS Score
0.005
Published
2024-06-10
CVE-2024-35307
Argument Injection Leading to Remote Code Execution in Realtime Graph Extension, allowing unauthenticated attackers to execute arbitrary code on the server. This issue affects Pandora FMS: from 700 through <777.
CVSS Score
9.4
EPSS Score
0.153
Published
2024-06-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved