CVSS: 9.0EPSS: 90%CPEs: 1EXPL: 1CVE-2020-13852
https://notcve.org/view.php?id=CVE-2020-13852
Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remote command execution) via the File Manager feature. Artica Pandora FMS versión 7.44, permite una carga arbitraria de archivos (lo que conlleva a una ejecución de comandos remota) por medio de la funcionalidad File Manager • https://www.coresecurity.com/advisories https://www.coresecurity.com/core-labs/advisories/pandora-fms-community-multiple-vulnerabilities • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-13853
https://notcve.org/view.php?id=CVE-2020-13853
Artica Pandora FMS 7.44 has persistent XSS in the Messages feature. Artica Pandora FMS versión 7.44, presenta una vulnerabilidad de tipo XSS persistente en la funcionalidad Messages • https://www.coresecurity.com/advisories https://www.coresecurity.com/core-labs/advisories/pandora-fms-community-multiple-vulnerabilities • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2020-13854
https://notcve.org/view.php?id=CVE-2020-13854
Artica Pandora FMS 7.44 allows privilege escalation. Artica Pandora FMS versión 7.44, permite una escalada de privilegios • https://www.coresecurity.com/advisories https://www.coresecurity.com/core-labs/advisories/pandora-fms-community-multiple-vulnerabilities • CWE-269: Improper Privilege Management •
CVSS: 9.0EPSS: 90%CPEs: 1EXPL: 1CVE-2020-13855
https://notcve.org/view.php?id=CVE-2020-13855
Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remote command execution) via the File Repository Manager feature. Artica Pandora FMS versión 7.44, permite una carga de archivos arbitraria (lo que conlleva a una ejecución de comandos remota) por medio de la funcionalidad File Repository Manager • https://www.coresecurity.com/advisories https://www.coresecurity.com/core-labs/advisories/pandora-fms-community-multiple-vulnerabilities • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-13850
https://notcve.org/view.php?id=CVE-2020-13850
Artica Pandora FMS 7.44 has inadequate access controls on a web folder. Artica Pandora FMS versión 7.44, posee controles de acceso inadecuados en una carpeta web • https://www.coresecurity.com/advisories https://www.coresecurity.com/core-labs/advisories/pandora-fms-community-multiple-vulnerabilities • CWE-425: Direct Request ('Forced Browsing') •