CVE-2023-44090
MEDIUMPandora FMS 700-<776 - SQL Injection in Grafana Module
Title source: llmDescription
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pandora FMS on all allows CVE-2008-5817. This vulnerability allowed SQL changes to be made to several files in the Grafana module. This issue affects Pandora FMS: from 700 through <776.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/
Scores
CVSS v3
6.8
EPSS
0.0034
EPSS Percentile
25.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-89
Status
published
Products (1)
artica/pandora_fms
700 - 776
Published
Mar 19, 2024
Tracked Since
Feb 18, 2026