Search
Search Results (12 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-6816 | 2 Fedoraproject, Ganglia | 2 Fedora, Ganglia-web | 2025-04-20 | N/A |
| ganglia-web before 3.7.1 allows remote attackers to bypass authentication. | ||||
| CVE-2013-1770 | 1 Ganglia | 1 Ganglia-web | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in views_view.php in Ganglia Web 3.5.7 allows remote attackers to inject arbitrary web script or HTML via the view_name parameter. | ||||
| CVE-2012-3448 | 1 Ganglia | 1 Ganglia-web | 2025-04-11 | N/A |
| Unspecified vulnerability in Ganglia Web before 3.5.1 allows remote attackers to execute arbitrary PHP code via unknown attack vectors. | ||||
| CVE-2013-6395 | 1 Ganglia | 1 Ganglia-web | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in header.php in Ganglia Web 3.5.8 and 3.5.10 allows remote attackers to inject arbitrary web script or HTML via the host_regex parameter to the default URI, which is processed by get_context.php. | ||||
| CVE-2011-3741 | 1 Ganglia | 1 Ganglia | 2025-04-11 | N/A |
| Ganglia 3.1.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by host_view.php and certain other files. | ||||
| CVE-2013-0275 | 1 Ganglia | 1 Ganglia-web | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Ganglia Web before 3.5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-0241 | 1 Ganglia | 1 Ganglia | 2025-04-09 | N/A |
| Stack-based buffer overflow in the process_path function in gmetad/server.c in Ganglia 3.1.1 allows remote attackers to cause a denial of service (crash) via a request to the gmetad service with a long pathname. | ||||
| CVE-2007-6465 | 1 Ganglia | 1 Ganglia | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ganglia-web in Ganglia before 3.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) c and (2) h parameters to (a) web/host_gmetrics.php; the (3) G, (4) me, (5) x, (6) n, (7) v, (8) l, (9) vl, and (10) st parameters to (b) web/graph.php; and the (11) c, (12) G, (13) h, (14) r, (15) m, (16) s, (17) cr, (18) hc, (19) sh, (20) p, (21) t, (22) jr, (23) js, (24) gw, (25) z, and (26) gs parameters to (c) web/get_context.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2024-52763 | 1 Ganglia | 1 Ganglia-web | 2024-11-29 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in the component /graph_all_periods.php of Ganglia-web v3.73 to v3.75 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "g" parameter. | ||||
| CVE-2024-52762 | 1 Ganglia | 1 Ganglia-web | 2024-11-29 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in the component /master/header.php of Ganglia-web v3.73 to v3.76 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "tz" parameter. | ||||
| CVE-2019-20379 | 1 Ganglia | 1 Ganglia-web | 2024-11-21 | 6.1 Medium |
| ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php cs parameter. | ||||
| CVE-2019-20378 | 1 Ganglia | 1 Ganglia-web | 2024-11-21 | 6.1 Medium |
| ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php ce parameter. | ||||
Page 1 of 1.