7.5

CVSS4.0

CVE-2026-34188 - OS Command Injection in Event Response Execution

Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via Event Response execution. This issue affects Pandora FMS: from 777 through 800

πŸ“… Published: April 13, 2026, 3:50 p.m. πŸ”„ Last Modified: April 22, 2026, 2:29 p.m.

8.7

CVSS4.0

CVE-2026-34186 - SQL Injection in Custom Fields leads to Database Compromise

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via custom fields. This issue affects Pandora FMS: from 777 through 800

πŸ“… Published: April 13, 2026, 3:49 p.m. πŸ”„ Last Modified: April 22, 2026, 2:37 p.m.

8.7

CVSS4.0

CVE-2026-30813 - SQL Injection in Module Search leads to Database Compromise

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800

πŸ“… Published: April 13, 2026, 3:49 p.m. πŸ”„ Last Modified: April 22, 2026, 2:37 p.m.

2.1

CVSS4.0

CVE-2026-30812 - Stored Cross-Site Scripting in Event Comments via Filter Bypass

Improper Neutralization of Input During Web Page Generation vulnerability allows Stored Cross-Site Scripting via event comments. This issue affects Pandora FMS: from 777 through 800

πŸ“… Published: April 13, 2026, 3:48 p.m. πŸ”„ Last Modified: April 22, 2026, 2:36 p.m.

8.4

CVSS4.0

CVE-2026-30811 - Missing Authorization in Configuration Ajax Endpoint leads to Information Disclosure

Missing Authorization vulnerability allows Exposure of Sensitive Information via configuration endpoint. This issue affects Pandora FMS: from 777 through 800

πŸ“… Published: April 13, 2026, 3:47 p.m. πŸ”„ Last Modified: April 22, 2026, 2:31 p.m.

8.7

CVSS4.0

CVE-2026-30809 - OS Command Injection in WebServerModuleDebug via Blacklist Bypass leads to Remote Code Execution

Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via WebServerModuleDebug. This issue affects Pandora FMS: from 777 through 800

πŸ“… Published: April 13, 2026, 3:46 p.m. πŸ”„ Last Modified: April 22, 2026, 2:35 p.m.

8.7

CVSS4.0

CVE-2026-30806 - OS Command Injection in Network Report leads to Remote Code Execution

Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via Network Report. This issue affects Pandora FMS: from 777 through 800

πŸ“… Published: April 13, 2026, 3:45 p.m. πŸ”„ Last Modified: April 22, 2026, 2:35 p.m.

6.9

CVSS4.0

CVE-2026-6188 - SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=delete_sales. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and m…

πŸ“… Published: April 13, 2026, 3:45 p.m. πŸ”„ Last Modified: April 22, 2026, 8:23 p.m.

8.6

CVSS4.0

CVE-2026-30804 - Unrestricted File Upload in Extension Uploader leads to Remote Code Execution

Unrestricted Upload of File with Dangerous Type vulnerability allows Remote Code Execution via file upload. This issue affects Pandora FMS: from 777 through 800

πŸ“… Published: April 13, 2026, 3:44 p.m. πŸ”„ Last Modified: April 22, 2026, 2:34 p.m.

5.3

CVSS4.0

CVE-2026-6231 - bson_validate may skip validation when processing certain inputs

The bson_validate function may return early on specific inputs and incorrectly report success. This behavior could result in skipping validation for BSON data, allowing malformed or invalid UTF-8 sequences to bypass validation and be processed incorrectly. The issue may affect applications that rel…

πŸ“… Published: April 13, 2026, 3:31 p.m. πŸ”„ Last Modified: April 17, 2026, 3:18 p.m.
Total resulsts: 348038
Page 386 of 34,804
Β« previous page Β» next page
Filters