RSS   Vulnerabilities for 'Nagvis'   RSS

2021-10-14
 
CVE-2021-33178

CWE-22
 

 
The Manage Backgrounds functionality within Nagvis versions prior to 2.0.9 is vulnerable to an authenticated path traversal vulnerability. Exploitation of this results in a malicious actor having the ability to arbitrarily delete files on the local system.

 
2017-03-02
 
CVE-2017-6393

 

 
An issue was discovered in NagVis 1.9b12. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "nagvis-master/share/userfiles/gadgets/std_table.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.

 


Copyright 2024, cxsecurity.com

 

Back to Top