CVE-2026-30813
published 2026-04-13CVE-2026-30813: Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from…
PriorityP358high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
0.34%
25.7th percentile
Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| artica | pandora_fms | >= 777 < 800.1 | 800.1 |
| pandora_fms | pandora_fms | 777 – 800 | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv4.08.7HIGHCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:C/RE:L/U:Amber
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Artica Pandora FMS up to 800 sql injection
vuldb·2026-04-13·CVSS 8.7
CVE-2026-30813 [HIGH] Artica Pandora FMS up to 800 sql injection
A vulnerability was found in Artica Pandora FMS up to 800. It has been declared as critical. The impacted element is an unknown function. Such manipulation leads to sql injection.
This vulnerability is listed as CVE-2026-30813. The attack may be performed from remote. There is no available exploit.
GHSA
GHSA-chf8-3p4x-rchj: Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search
ghsa_unreviewed·2026-04-13
CVE-2026-30813 [HIGH] CWE-89 GHSA-chf8-3p4x-rchj: Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search
Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-04-13
Published