CVE-2014-125115

UNKNOWN 0.0

Pandora FMS ≤ 5.0 SP2 Default Credential SQL Injection RCE

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

An unauthenticated SQL injection vulnerability exists in Pandora FMS version 5.0 SP2 and earlier. The mobile/index.php endpoint fails to properly sanitize user input in the loginhash_data parameter, allowing attackers to extract administrator credentials or active session tokens via crafted requests. This occurs because input is directly concatenated into an SQL query without adequate validation, enabling SQL injection. After authentication is bypassed, a second vulnerability in the File Manager component permits arbitrary PHP file uploads. The file upload functionality does not enforce MIME-type or file extension restrictions, allowing authenticated users to upload web shells into a publicly accessible directory and achieve remote code execution.

CWE	CWE-798 CWE-89
Vendor	artica st
Product	pandora fms
Published	Jul 25, 2025
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for artica st pandora fms

Be the first to know when new unknown vulnerabilities affecting artica st pandora fms are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Artica ST / Pandora FMS

* ≤ 5.0 SP2

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/35380 raw.githubusercontent.com: https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/pandora_fms_sqli.rb web.archive.org: https://web.archive.org/web/20140331231237/http://pandorafms.com/downloads/whats_new_5-SP3.pdf web.archive.org: https://web.archive.org/web/20140304121149/http://blog.pandorafms.org/?p=2041 vulncheck.com: https://www.vulncheck.com/advisories/pandora-fms-default-creds-sqli-rce

Credits

Lincoln