{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-01T00:17:19.433","vulnerabilities":[{"cve":{"id":"CVE-2014-125115","sourceIdentifier":"disclosure@vulncheck.com","published":"2025-07-25T16:15:25.870","lastModified":"2026-06-17T00:04:29.540","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An unauthenticated SQL injection vulnerability exists in Pandora FMS version 5.0 SP2 and earlier. The mobile/index.php endpoint fails to properly sanitize user input in the loginhash_data parameter, allowing attackers to extract administrator credentials or active session tokens via crafted requests. This occurs because input is directly concatenated into an SQL query without adequate validation, enabling SQL injection. After authentication is bypassed, a second vulnerability in the File Manager component permits arbitrary PHP file uploads. The file upload functionality does not enforce MIME-type or file extension restrictions, allowing authenticated users to upload web shells into a publicly accessible directory and achieve remote code execution."},{"lang":"es","value":"Existe una vulnerabilidad de inyección SQL no autenticada en Pandora FMS versión 5.0 SP2 y anteriores. El endpoint mobile/index.php no depura correctamente la entrada del usuario en el parámetro loginhash_data, lo que permite a los atacantes extraer credenciales de administrador o tokens de sesión activa mediante solicitudes manipuladas. Esto se debe a que la entrada se concatena directamente en una consulta SQL sin la validación adecuada, lo que permite la inyección SQL. Tras eludir la autenticación, una segunda vulnerabilidad en el componente Administrador de Archivos permite la carga arbitraria de archivos PHP. La función de carga de archivos no aplica restricciones de tipo MIME ni de extensión de archivo, lo que permite a los usuarios autenticados cargar shells web en un directorio de acceso público y ejecutar código remoto."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Artica ST","product":"Pandora FMS","defaultStatus":"unaffected","modules":["index.php","mobile/index.php","godmode/setup/file_manager"],"versions":[{"version":"0","lessThanOrEqual":"5.0 SP2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-07-28T19:04:48.480710Z","id":"CVE-2014-125115","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"},{"lang":"en","value":"CWE-798"}]}],"references":[{"url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/pandora_fms_sqli.rb","source":"disclosure@vulncheck.com"},{"url":"https://web.archive.org/web/20140304121149/http://blog.pandorafms.org/?p=2041","source":"disclosure@vulncheck.com"},{"url":"https://web.archive.org/web/20140331231237/http://pandorafms.com/downloads/whats_new_5-SP3.pdf","source":"disclosure@vulncheck.com"},{"url":"https://www.exploit-db.com/exploits/35380","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/pandora-fms-default-creds-sqli-rce","source":"disclosure@vulncheck.com"}]}}]}