Ganglia: >> Ganglia-Web Security Vulnerabilities
A cross-site scripting (XSS) vulnerability in the component /master/header.php of Ganglia-web v3.73 to v3.76 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "tz" parameter.
CVSS Score
5.4
EPSS Score
0.003
Published
2024-11-19
A cross-site scripting (XSS) vulnerability in the component /graph_all_periods.php of Ganglia-web v3.73 to v3.75 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "g" parameter.
CVSS Score
5.4
EPSS Score
0.003
Published
2024-11-19
ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php ce parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2020-01-11
ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php cs parameter.
CVSS Score
6.1
EPSS Score
0.004
Published
2020-01-11
ganglia-web before 3.7.1 allows remote attackers to bypass authentication.
CVSS Score
9.8
EPSS Score
0.021
Published
2017-08-09
Cross-site scripting (XSS) vulnerability in views_view.php in Ganglia Web 3.5.7 allows remote attackers to inject arbitrary web script or HTML via the view_name parameter.
CVSS Score
4.3
EPSS Score
0.004
Published
2014-04-02
Cross-site scripting (XSS) vulnerability in header.php in Ganglia Web 3.5.8 and 3.5.10 allows remote attackers to inject arbitrary web script or HTML via the host_regex parameter to the default URI, which is processed by get_context.php.
CVSS Score
4.3
EPSS Score
0.006
Published
2013-12-05
Multiple cross-site scripting (XSS) vulnerabilities in Ganglia Web before 3.5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.003
Published
2013-03-14
Unspecified vulnerability in Ganglia Web before 3.5.1 allows remote attackers to execute arbitrary PHP code via unknown attack vectors.
CVSS Score
7.5
EPSS Score
0.26
Published
2012-08-06