CVSS: 9.0EPSS: 3%CPEs: 16EXPL: 3CVE-2010-4278 – Pandora Fms 3.1 - OS Command Injection
https://notcve.org/view.php?id=CVE-2010-4278
operation/agentes/networkmap.php in Pandora FMS before 3.1.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the layout parameter in an operation/agentes/networkmap action to index.php. operación/agentes/networkmap.php en Pandora FMS anterior a v3.1.1 permite a usuarios remotos autenticados ejecutar código arbitrario a través de meta-caracteres de shell en el parámetro layout en una acción operation/agentes/networkmap para index.php Pandora FMS versions 3.1 and below suffer from authentication bypass, os command injection, remote SQL injection, remote file inclusion and path traversal vulnerabilities. • https://www.exploit-db.com/exploits/15640 http://osvdb.org/69550 http://seclists.org/fulldisclosure/2010/Nov/326 http://secunia.com/advisories/42347 http://sourceforge.net/projects/pandora/files/Pandora%20FMS%203.1/Final%20version%20%28Stable%29/pandorafms_console-3.1_security_patch_13Oct2010.tar.gz/download http://www.exploit-db.com/exploits/15640 http://www.securityfocus.com/archive/1/514939/100/0/threaded http://www.securityfocus.com/bid/45112 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 4CVE-2010-4280 – Pandora Fms 3.1 - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-4280
Multiple SQL injection vulnerabilities in Pandora FMS before 3.1.1 allow remote authenticated users to execute arbitrary SQL commands via (1) the id_group parameter in an operation/agentes/ver_agente action to ajax.php or (2) the group_id parameter in an operation/agentes/estado_agente action to index.php, related to operation/agentes/estado_agente.php. Múltiples vulnerabilidades de inyección SQL en Pandora FMS anterior a v3.1.1, permite a usuarios autenticados ejecutar comandos SQL de su elección a través del (1) parámetro id_group en una acción operation/agentes/ver_agente para ajax.php o (2) el parámetro group_id en una acción operation/agentes/estado_agente para index.php, relacionado con operation/agentes/estado_agente.php. Pandora FMS versions 3.1 and below suffer from authentication bypass, os command injection, remote SQL injection, remote file inclusion and path traversal vulnerabilities. • https://www.exploit-db.com/exploits/15642 https://www.exploit-db.com/exploits/15641 http://osvdb.org/69547 http://osvdb.org/69548 http://seclists.org/fulldisclosure/2010/Nov/326 http://secunia.com/advisories/42347 http://sourceforge.net/projects/pandora/files/Pandora%20FMS%203.1/Final%20version%20%28Stable%29/pandorafms_console-3.1_security_patch_13Oct2010.tar.gz/download http://www.exploit-db.com/exploits/15641 http://www.exploit-db.com/exploits/15642 http://www.securityf • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 96%CPEs: 16EXPL: 4CVE-2010-4279 – Pandora FMS 3.1 - Authentication Bypass / Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2010-4279
The default configuration of Pandora FMS 3.1 and earlier specifies an empty string for the loginhash_pwd field, which allows remote attackers to bypass authentication by sending a request to index.php with "admin" in the loginhash_user parameter, in conjunction with the md5 hash of "admin" in the loginhash_data parameter. La configuración por defecto de Pandora FMS v3.1 y anteriores especifica una cadena vacía para el campo loginhash_pwd, permitiendo a atacantes remotos evitar la autenticación mediante el envío de una solicitud a index.php con "admin" en el parámetro loginhash_user, junto con el el hash md5 de " admin "en el parámetro loginhash_data. Pandora FMS versions 3.1 and below suffer from authentication bypass, os command injection, remote SQL injection, remote file inclusion and path traversal vulnerabilities. • https://www.exploit-db.com/exploits/35731 https://www.exploit-db.com/exploits/15639 http://osvdb.org/69549 http://packetstormsecurity.com/files/129830/Pandora-3.1-Auth-Bypass-Arbitrary-File-Upload.html http://seclists.org/fulldisclosure/2010/Nov/326 http://secunia.com/advisories/42347 http://sourceforge.net/projects/pandora/files/Pandora%20FMS%203.1/Final%20version%20%28Stable%29/pandorafms_console-3.1_security_patch_13Oct2010.tar.gz/download http://www.exploit-db.com/exploits/15639 http& • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 1%CPEs: 16EXPL: 3CVE-2010-4281 – Pandora Fms 3.1 - Directory Traversal / Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-4281
Incomplete blacklist vulnerability in the safe_url_extraclean function in ajax.php in Pandora FMS before 3.1.1 allows remote attackers to execute arbitrary PHP code by using a page parameter containing a UNC share pathname, which bypasses the check for the : (colon) character. Vulnerabilidad de lista negra incompleta en la función safe_url_extraclean en ajax.php en Pandora FMS anterior a v3.1.1 permite a atacantes remotos ejecutar código PHP arbitrario mediante un parámetro de página que contiene una ruta de acceso compartido UNC, que evita la verificación para el carácter : (dos puntos) Pandora FMS versions 3.1 and below suffer from authentication bypass, os command injection, remote SQL injection, remote file inclusion and path traversal vulnerabilities. • https://www.exploit-db.com/exploits/15643 http://osvdb.org/69546 http://seclists.org/fulldisclosure/2010/Nov/326 http://secunia.com/advisories/42347 http://sourceforge.net/projects/pandora/files/Pandora%20FMS%203.1/Final%20version%20%28Stable%29/pandorafms_console-3.1_security_patch_13Oct2010.tar.gz/download http://www.exploit-db.com/exploits/15643 http://www.securityfocus.com/archive/1/514939/100/0/threaded http://www.securityfocus.com/bid/45112 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 1%CPEs: 16EXPL: 3CVE-2010-4283 – Pandora Fms 3.1 - Directory Traversal / Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-4283
PHP remote file inclusion vulnerability in extras/pandora_diag.php in Pandora FMS before 3.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the argv[1] parameter. Vulnerabilidad de inclusión remota de archivo PHP en extras/pandora_diag.php en Pandora FMS anterior a v3.1.1 permite a atacantes remotos ejecutar código PHP de su elección a través de la URL en el parámetro argv[1]. Pandora FMS versions 3.1 and below suffer from authentication bypass, os command injection, remote SQL injection, remote file inclusion and path traversal vulnerabilities. • https://www.exploit-db.com/exploits/15643 http://osvdb.org/69542 http://seclists.org/fulldisclosure/2010/Nov/326 http://secunia.com/advisories/42347 http://sourceforge.net/projects/pandora/files/Pandora%20FMS%203.1/Final%20version%20%28Stable%29/pandorafms_console-3.1_security_patch_13Oct2010.tar.gz/download http://www.exploit-db.com/exploits/15643 http://www.securityfocus.com/archive/1/514939/100/0/threaded http://www.securityfocus.com/bid/45112 • CWE-94: Improper Control of Generation of Code ('Code Injection') •