Shodan
Vulnerabilities
Vulnerable Software
Artica:  >> Pandora Fms  Security Vulnerabilities
CVE-2025-5306
Improper Neutralization of Special Elements in the Netflow directory field may allow OS command injection. This issue affects Pandora FMS 774 through 778
CVSS Score
9.8
EPSS Score
0.4
Published
2025-06-27
CVE-2024-12992
Improper Neutralization of Special Elements used in a Command vulnerability allows OS Command Injection via RCE. This issue affects Pandora FMS from 700 to 777.6 .
CVSS Score
9.8
EPSS Score
0.004
Published
2025-03-17
CVE-2024-12971
Improper Neutralization of Special Elements used in a Command vulnerability allows OS Command Injection.This issue affects Pandora FMS from 700 to 777.6
CVSS Score
8.8
EPSS Score
0.703
Published
2025-03-17
CVE-2024-35304
System command injection through Netflow function due to improper input validation, allowing attackers to execute arbitrary system commands. This issue affects Pandora FMS: from 700 through <777.
CVSS Score
9.8
EPSS Score
0.018
Published
2024-06-10
CVE-2024-35305
Unauth Time-Based SQL Injection in API allows to exploit HTTP request Authorization header. This issue affects Pandora FMS: from 700 through <777.
CVSS Score
9.8
EPSS Score
0.004
Published
2024-06-10
CVE-2024-35306
OS Command injection in Ajax PHP files via HTTP Request, allows to execute system commands by exploiting variables. This issue affects Pandora FMS: from 700 through <777.
CVSS Score
9.8
EPSS Score
0.005
Published
2024-06-10
CVE-2024-35307
Argument Injection Leading to Remote Code Execution in Realtime Graph Extension, allowing unauthenticated attackers to execute arbitrary code on the server. This issue affects Pandora FMS: from 700 through <777.
CVSS Score
9.8
EPSS Score
0.153
Published
2024-06-10
CVE-2023-41793
: Path Traversal vulnerability in Pandora FMS on all allows Path Traversal. This vulnerability allowed changing directories and creating files and downloading them outside the allowed directories. This issue affects Pandora FMS: from 700 through <776.
CVSS Score
6.7
EPSS Score
0.001
Published
2024-03-19
CVE-2023-44090
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pandora FMS on all allows CVE-2008-5817. This vulnerability allowed SQL changes to be made to several files in the Grafana module. This issue affects Pandora FMS: from 700 through <776.
CVSS Score
6.8
EPSS Score
0.001
Published
2024-03-19
CVE-2023-44091
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pandora FMS on all allows SQL Injection. This ulnerability allowed SQL injections to be made even if authentication failed.This issue affects Pandora FMS: from 700 through <776.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-03-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved