Product:

Nagios_xi

(Nagios)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 106
Date Id Summary Products Score Patch Annotated
2021-08-13 CVE-2021-37348 Nagios XI before version 5.8.5 is vulnerable to local file inclusion through improper limitation of a pathname in index.php. Nagios_xi 7.5
2021-08-13 CVE-2021-37349 Nagios XI before version 5.8.5 is vulnerable to local privilege escalation because cleaner.php does not sanitise input read from the database. Nagios_xi 7.8
2021-08-13 CVE-2021-37350 Nagios XI before version 5.8.5 is vulnerable to SQL injection vulnerability in Bulk Modifications Tool due to improper input sanitisation. Nagios_xi 9.8
2021-08-13 CVE-2021-37351 Nagios XI before version 5.8.5 is vulnerable to insecure permissions and allows unauthenticated users to access guarded pages through a crafted HTTP request to the server. Nagios_xi 5.3
2021-08-13 CVE-2021-37352 An open redirect vulnerability exists in Nagios XI before version 5.8.5 that could lead to spoofing. To exploit the vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link. Nagios_xi 6.1
2021-09-15 CVE-2021-38156 In Nagios XI before 5.8.6, XSS exists in the dashboard page (/dashboards/#) when administrative users attempt to edit a dashboard. Nagios_xi 5.4
2021-09-28 CVE-2021-36363 Nagios XI before 5.8.5 has Incorrect Permission Assignment for migrate.php. Nagios_xi 9.8
2021-09-28 CVE-2021-36364 Nagios XI before 5.8.5 incorrectly allows backup_xi.sh wildcards. Nagios_xi 9.8
2021-09-28 CVE-2021-36365 Nagios XI before 5.8.5 has Incorrect Permission Assignment for repairmysql.sh. Nagios_xi 9.8
2021-09-28 CVE-2021-36366 Nagios XI before 5.8.5 incorrectly allows manage_services.sh wildcards. Nagios_xi 9.8