Fibranet: >> Monitorix >> 0.7.12 Security Vulnerabilities
The handle_request function in lib/HTTPServer.pm in Monitorix before 3.3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the URI.
CVSS Score
9.8
EPSS Score
0.046
Published
2019-12-31
Cross-site scripting (XSS) vulnerability in the handle_request function in lib/HTTPServer.pm in Monitorix before 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
CVSS Score
6.1
EPSS Score
0.006
Published
2019-12-31
Monitorix before 3.10.1 allows XSS via CGI variables.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-08-02