Nagios Log Server 2.1.3 has CSRF.
Max CVSS
8.8
EPSS Score
0.17%
Published
2020-03-16
Updated
2020-03-19
MagpieRSS, as used in the front-end component in Nagios Core before 4.2.2 might allow remote attackers to read or write to arbitrary files by spoofing a crafted response from the Nagios RSS feed server. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4796.
Max CVSS
9.8
EPSS Score
26.27%
Published
2016-12-15
Updated
2018-10-09
The Fedora Nagios package uses "nagiosadmin" as the default password for the "nagiosadmin" administrator account, which makes it easier for remote attackers to obtain access by leveraging knowledge of the credentials.
Max CVSS
9.8
EPSS Score
0.48%
Published
2017-06-06
Updated
2017-06-22
Snoopy allows remote attackers to execute arbitrary commands. NOTE: this vulnerability exists due to an incomplete fix for CVE-2014-5008.
Max CVSS
9.8
EPSS Score
1.22%
Published
2017-03-31
Updated
2017-08-29
The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists dues to an incomplete fix for CVE-2008-4796.
Max CVSS
9.8
EPSS Score
1.70%
Published
2017-03-31
Updated
2017-04-04
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and earlier, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote attackers to execute arbitrary commands via shell metacharacters in https URLs.
Max CVSS
10.0
EPSS Score
1.12%
Published
2008-10-30
Updated
2021-09-30
Nagios 1.0b1 through 1.0b3 allows remote attackers to execute arbitrary commands via shell metacharacters in plugin output.
Max CVSS
10.0
EPSS Score
0.33%
Published
2002-12-31
Updated
2008-09-05
7 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!