Multiple Directory Traversal Vulnerabilities in Pandora FMS before 3.1.1

Multiple Directory Traversal Vulnerabilities in Pandora FMS before 3.1.1

CVE-2010-4282 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple directory traversal vulnerabilities in Pandora FMS before 3.1.1 allow remote attackers to include and execute arbitrary local files via (1) the page parameter to ajax.php or (2) the id parameter to general/pandora_help.php, and allow remote attackers to include and execute, create, modify, or delete arbitrary local files via (3) the layout parameter to operation/agentes/networkmap.php.

Learn more about our Network Penetration Testing.