Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vulnrichmentPandoraFMSVULNRICHMENT:CVE-2023-44090
HistoryMar 19, 2024 - 4:26 p.m.

CVE-2023-44090 UnautH SQL Injection

2024-03-1916:26:12
CWE-89
PandoraFMS
github.com
1
sql injection
pandora fms
grafana module
cve-2023-44090

CVSS3

6.8

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L

AI Score

7.4

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Pandora FMS on all allows CVE-2008-5817. This vulnerability allowed SQL changes to be made to several files in the Grafana module. This issue affects Pandora FMS: from 700 through <776.

Related

nvd 2
cve 2
cvelist 2
prion 1
exploitdb 1
nvd
nvd
CVE-2023-44090
2024-03-19 17:15:08
CVE-2008-5817
2009-01-02 18:11:09
cve
cve
CVE-2023-44090
2024-03-19 17:15:08
CVE-2008-5817
2009-01-02 18:11:09
cvelist
cvelist
CVE-2023-44090 UnautH SQL Injection
2024-03-19 16:26:12
CVE-2008-5817
2009-01-02 18:00:00
prion
prion
Sql injection
2009-01-02 18:11:00
exploitdb
exploitdb
webClassifieds 2005 - Authentication Bypass
2008-12-29 00:00:00

CVSS3

6.8

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L

AI Score

7.4

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON
Related for VULNRICHMENT:CVE-2023-44090
nvd2cve2cvelist2prion1exploitdb1