SQL Injection in Module Search leads to Database Compromise

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:L/SI:L/SA:L/S:N/AU:Y/R:U/V:C/RE:L/U:Amber

Description

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800

AI Analysis

SQL Injection vulnerability in Pandora FMS module search

Basic Information

ID CVE-2026-30813

Source PandoraFMS

Published Apr 13, 2026 at 15:49

Affected Product

Vendor Pandora FMS

Product Pandora FMS

Version 777

Affected Versions Pandora FMS Pandora FMS 777

CWE Classification

CWE-89

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Artica Soluciones Tecnologicas

Product Pandora FMS

Version 777, 778, 779, 780, 781, 782, 783, 784, 785, 786, 787, 788, 789, 790, 791, 792, 793, 794, 795, 796, 797, 798, 799, 800

References

pandorafms.com /en/security/common-vulnerabilities-and-exposures/

{
    "lastseen": "",
    "description": "Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800",
    "published": "2026-04-13T15:49:13.149Z",
    "modified": "2026-04-13T15:49:13.149Z",
    "type": "cve",
    "title": "SQL Injection in Module Search leads to Database Compromise",
    "source": "PandoraFMS",
    "references": "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/",
    "id": "CVE-2026-30813",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89"
    ],
    "cvelist": null,
    "sourceData": "Pandora FMS Pandora FMS 777",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:L/SI:L/SA:L/S:N/AU:Y/R:U/V:C/RE:L/U:Amber",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Pandora FMS",
    "version": "777",
    "vendor": "Pandora FMS",
    "ai_description": "SQL Injection vulnerability in Pandora FMS module search",
    "ai_severity": "High",
    "ai_vendor": "Artica Soluciones Tecnologicas",
    "ai_product": "Pandora FMS",
    "ai_version": "777, 778, 779, 780, 781, 782, 783, 784, 785, 786, 787, 788, 789, 790, 791, 792, 793, 794, 795, 796, 797, 798, 799, 800",
    "ai_score": 8.7
}

SQL Injection in Module Search leads to Database Compromise_CVE-2026-30813