VDB
GCVE-110-MAGEIA-2015-203
GCVE-110-MAGEIA-2015-203
Advisory Published
Updated pnp4nagios package fixes security vulnerabilities:
Cross-site scripting (XSS) vulnerability in
share/pnp/application/views/kohana_error_page.php in PNP4Nagios before 0.6.22
allows remote attackers to inject arbitrary web script or HTML via a parameter
that is not properly handled in an error message (CVE-2014-4907).
Multiple cross-site scripting (XSS) vulnerabilities in PNP4Nagios through
0.6.22 allow remote attackers to inject arbitrary web script or HTML via the
URI used for reaching share/pnp/application/views/kohana_error_page.php or
share/pnp/application/views/template.php, leading to improper handling within
an http-equiv="refresh" META element (CVE-2014-4908).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | python-mageiasync | 0.1.7-1.mga5 (unaffected), 0 (affected) | — |
| Mageia | pnp4nagios | 0 (affected), 0.6.25-1.1.mga4 (unaffected), 0 (affected), 0.6.25-1.1.mga4 (unaffected) | — |
Aliases
References
Browse GCVE Records
72,921 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.