High severity7.5NVD Advisory· Published Jun 16, 2018· Updated Jun 17, 2026
CVE-2018-11222
CVE-2018-11222
Description
Local File Inclusion (LFI) in Artica Pandora FMS through version 7.23 allows an attacker to call any php file via the /pandora_console/ajax.php ajax endpoint.
Affected products
2<=7.23+ 1 more
- (no CPE)range: <=7.23
- (no CPE)range: <=7.23
Patches
Vulnerability mechanics
References
2- pandorafms.com/wp-content/uploads/2018/06/whats-new-723-EN.pdfnvdExploitVendor Advisory
- blog.hackercat.ninja/post/pandoras_box/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.