Monitoring Software
by Serverscheck
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-18550 | Hig | 0.57 | 8.8 | 0.01 | Oct 21, 2018 | ServersCheck Monitoring Software before 14.3.4 allows SQL Injection by an authenticated user. | ||
| CVE-2018-18552 | Med | 0.42 | 6.5 | 0.03 | Oct 24, 2018 | ServersCheck Monitoring Software through 14.3.3 allows local users to cause a denial of service (menu functionality loss) by creating an LNK file that points to a second LNK file, if this second LNK file is associated with a Start menu. Ultimately, this behavior comes from a… | ||
| CVE-2018-18551 | Med | 0.40 | 6.1 | 0.01 | Oct 24, 2018 | ServersCheck Monitoring Software through 14.3.3 has Persistent and Reflected XSS via the sensors.html status parameter, sensors.html type parameter, sensors.html device parameter, report.html location parameter, group_delete.html group parameter, report_save.html query… | ||
| CVE-2017-17832 | Med | 0.35 | 5.4 | 0.01 | Dec 27, 2017 | ServersCheck Monitoring Software before 14.2.3 is prone to a cross-site scripting vulnerability as user supplied-data is not validated/sanitized when passed in the settings_SMS_ALERT_TYPE parameter, and JavaScript can be executed on settings-save.html (the Settings - SMS Alerts… | ||
| CVE-2005-1798 | 0.00 | — | 0.02 | May 29, 2005 | Directory traversal vulnerability in ServersCheck Monitoring Software 5.9.0 to 5.10.0 allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request. |
- risk 0.57cvss 8.8epss 0.01
ServersCheck Monitoring Software before 14.3.4 allows SQL Injection by an authenticated user.
- risk 0.42cvss 6.5epss 0.03
ServersCheck Monitoring Software through 14.3.3 allows local users to cause a denial of service (menu functionality loss) by creating an LNK file that points to a second LNK file, if this second LNK file is associated with a Start menu. Ultimately, this behavior comes from a…
- risk 0.40cvss 6.1epss 0.01
ServersCheck Monitoring Software through 14.3.3 has Persistent and Reflected XSS via the sensors.html status parameter, sensors.html type parameter, sensors.html device parameter, report.html location parameter, group_delete.html group parameter, report_save.html query…
- risk 0.35cvss 5.4epss 0.01
ServersCheck Monitoring Software before 14.2.3 is prone to a cross-site scripting vulnerability as user supplied-data is not validated/sanitized when passed in the settings_SMS_ALERT_TYPE parameter, and JavaScript can be executed on settings-save.html (the Settings - SMS Alerts…
- CVE-2005-1798May 29, 2005risk 0.00cvss —epss 0.02
Directory traversal vulnerability in ServersCheck Monitoring Software 5.9.0 to 5.10.0 allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request.