cbcvebase.

Ganglia Ganglia-Web vulnerabilities

9 known vulnerabilities affecting ganglia/ganglia-web.

Total CVEs
9
CISA KEV
0
Public exploits
2
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH1MEDIUM7

Vulnerabilities

Page 1 of 1
CVE-2024-52763P2MEDIUMCVSS 5.4ExploitedPoC≥ 3.7.3, ≤ 3.7.52024-11-19
CVE-2024-52763 [MEDIUM] CWE-79 CVE-2024-52763: A cross-site scripting (XSS) vulnerability in the component /graph_all_periods.php of Ganglia-web v3 A cross-site scripting (XSS) vulnerability in the component /graph_all_periods.php of Ganglia-web v3.73 to v3.75 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "g" parameter.
nvd
CVE-2015-6816P3CRITICALCVSS 9.8≤ 3.7.02017-08-09
CVE-2015-6816 [CRITICAL] CWE-287 CVE-2015-6816: ganglia-web before 3.7.1 allows remote attackers to bypass authentication. ganglia-web before 3.7.1 allows remote attackers to bypass authentication.
nvdosv
CVE-2012-3448P3HIGHCVSS 7.5≤ 3.5.0v2.1.0+12 more2012-08-06
CVE-2012-3448 [HIGH] CVE-2012-3448: Unspecified vulnerability in Ganglia Web before 3.5.1 allows remote attackers to execute arbitrary P Unspecified vulnerability in Ganglia Web before 3.5.1 allows remote attackers to execute arbitrary PHP code via unknown attack vectors.
nvd
CVE-2024-52762P4MEDIUMCVSS 5.4PoC≥ 3.7.3, ≤ 3.762024-11-19
CVE-2024-52762 [MEDIUM] CWE-79 CVE-2024-52762: A cross-site scripting (XSS) vulnerability in the component /master/header.php of Ganglia-web v3.73 A cross-site scripting (XSS) vulnerability in the component /master/header.php of Ganglia-web v3.73 to v3.76 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "tz" parameter.
nvd
CVE-2019-20378P4MEDIUMCVSS 6.1≤ 3.7.52020-01-11
CVE-2019-20378 [MEDIUM] CWE-79 CVE-2019-20378: ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php ce parameter. ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php ce parameter.
nvd
CVE-2019-20379P4MEDIUMCVSS 6.1≤ 3.7.52020-01-11
CVE-2019-20379 [MEDIUM] CWE-79 CVE-2019-20379: ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php cs parameter. ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php cs parameter.
nvd
CVE-2013-6395P4MEDIUMCVSS 4.3v3.5.8v3.5.102013-12-05
CVE-2013-6395 [MEDIUM] CWE-79 CVE-2013-6395: Cross-site scripting (XSS) vulnerability in header.php in Ganglia Web 3.5.8 and 3.5.10 allows remote Cross-site scripting (XSS) vulnerability in header.php in Ganglia Web 3.5.8 and 3.5.10 allows remote attackers to inject arbitrary web script or HTML via the host_regex parameter to the default URI, which is processed by get_context.php.
nvdosv
CVE-2013-1770P4MEDIUMCVSS 4.3v3.5.72014-04-02
CVE-2013-1770 [MEDIUM] CWE-79 CVE-2013-1770: Cross-site scripting (XSS) vulnerability in views_view.php in Ganglia Web 3.5.7 allows remote attack Cross-site scripting (XSS) vulnerability in views_view.php in Ganglia Web 3.5.7 allows remote attackers to inject arbitrary web script or HTML via the view_name parameter.
nvdosv
CVE-2013-0275P4MEDIUMCVSS 4.3≤ 3.5.5v2.1.0+17 more2013-03-14
CVE-2013-0275 [MEDIUM] CWE-79 CVE-2013-0275: Multiple cross-site scripting (XSS) vulnerabilities in Ganglia Web before 3.5.6 allow remote attacke Multiple cross-site scripting (XSS) vulnerabilities in Ganglia Web before 3.5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvdosv
Ganglia Ganglia-Web vulnerabilities | cvebase