Every CVE whose affected-product data names Opservices Opmon, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2020-5841 — CVSS 9.8 (critical): An issue was discovered in OpServices OpMon 9.3.1-1. Using password change parameters, an attacker could perform SQL injection without…
CVE-2020-7954 — CVSS 7.8 (high): An issue was discovered in OpServices OpMon 9.3.2. Starting from the apache user account, it is possible to perform privilege escalation…
CVE-2020-7953 — CVSS 7.5 (high): An issue was discovered in OpServices OpMon 9.3.2. Without authentication, it is possible to read server files (e.g., /etc/passwd) due to…
CVE-2021-43009 — CVSS 6.1 (medium): A Cross Site Scripting (XSS) vulnerability exists in OpServices OpMon through 9.11 via the search parameter in the request URL.