Paessler
Products
4- 7 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
9| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-15651 | Med | 0.44 | 6.7 | 0.01 | Oct 20, 2017 | PRTG Network Monitor 17.3.33.2830 allows remote authenticated administrators to execute arbitrary code by uploading a .exe file and then proceeding in spite of the error message. | |
| CVE-2017-15009 | Med | 0.40 | 6.1 | 0.00 | Oct 4, 2017 | PRTG Network Monitor version 17.3.33.2830 is vulnerable to reflected Cross-Site Scripting on error.htm (the error page), via the errormsg parameter. | |
| CVE-2017-9816 | Med | 0.40 | 6.1 | 0.00 | Aug 18, 2017 | Cross-site scripting (XSS) vulnerability in Paessler PRTG Network Monitor before 17.2.32.2279 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |
| CVE-2016-5078 | Med | 0.40 | 6.1 | 0.00 | Apr 10, 2017 | Paessler PRTG before 16.2.24.4045 has XSS via SNMP. | |
| CVE-2017-15360 | Med | 0.35 | 5.4 | 0.00 | Oct 15, 2017 | PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all group names created, related to incorrect error handling for an HTML encoded script. | |
| CVE-2017-12879 | Med | 0.35 | 5.4 | 0.00 | Aug 24, 2017 | Cross-site scripting (XSS-STORED) vulnerability in the DEVICES OR SENSORS functionality in Paessler PRTG Network Monitor before 17.3.33.2654 allows authenticated remote attackers to inject arbitrary web script or HTML. | |
| CVE-2017-15008 | Med | 0.31 | 4.8 | 0.00 | Oct 4, 2017 | PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all sensor titles, related to incorrect error handling for a %00 in the SRC attribute of an IMG element. | |
| CVE-2009-1849 | 0.00 | — | 0.00 | Jun 1, 2009 | Cross-site scripting (XSS) vulnerability in the Monitor_Bandwidth function in PRTG Traffic Grapher 6.2.2.977 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||
| CVE-2006-4461 | 0.00 | — | 0.00 | Aug 31, 2006 | Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the probe settings," which has unknown impact and attack vectors. |
- risk 0.44cvss 6.7epss 0.01
PRTG Network Monitor 17.3.33.2830 allows remote authenticated administrators to execute arbitrary code by uploading a .exe file and then proceeding in spite of the error message.
- risk 0.40cvss 6.1epss 0.00
PRTG Network Monitor version 17.3.33.2830 is vulnerable to reflected Cross-Site Scripting on error.htm (the error page), via the errormsg parameter.
- risk 0.40cvss 6.1epss 0.00
Cross-site scripting (XSS) vulnerability in Paessler PRTG Network Monitor before 17.2.32.2279 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- risk 0.40cvss 6.1epss 0.00
Paessler PRTG before 16.2.24.4045 has XSS via SNMP.
- risk 0.35cvss 5.4epss 0.00
PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all group names created, related to incorrect error handling for an HTML encoded script.
- risk 0.35cvss 5.4epss 0.00
Cross-site scripting (XSS-STORED) vulnerability in the DEVICES OR SENSORS functionality in Paessler PRTG Network Monitor before 17.3.33.2654 allows authenticated remote attackers to inject arbitrary web script or HTML.
- risk 0.31cvss 4.8epss 0.00
PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all sensor titles, related to incorrect error handling for a %00 in the SRC attribute of an IMG element.
- CVE-2009-1849Jun 1, 2009risk 0.00cvss —epss 0.00
Cross-site scripting (XSS) vulnerability in the Monitor_Bandwidth function in PRTG Traffic Grapher 6.2.2.977 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2006-4461Aug 31, 2006risk 0.00cvss —epss 0.00
Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the probe settings," which has unknown impact and attack vectors.