VYPR
High severity7.5NVD Advisory· Published Jun 16, 2018· Updated Jun 17, 2026

CVE-2018-11222

CVE-2018-11222

Description

Local File Inclusion (LFI) in Artica Pandora FMS through version 7.23 allows an attacker to call any php file via the /pandora_console/ajax.php ajax endpoint.

Affected products

2
  • Artica/Pandorafmsinferred2 versions
    <=7.23+ 1 more
    • (no CPE)range: <=7.23
    • (no CPE)range: <=7.23

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.