Skip to main content

Thruk

5 CVEs product

Monthly

CVE-2024-23822 CRITICAL POC PATCH Act Now

Thruk is a multibackend monitoring webinterface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal File Upload Thruk
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2023-34096 HIGH POC PATCH THREAT This Week

Thruk is a multibackend monitoring webinterface which currently supports Naemon, Icinga, Shinken and Nagios as backends. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Thruk
NVD GitHub Exploit-DB
CVSS 3.1
8.8
EPSS
62.7%
CVE-2021-35490 MEDIUM This Month

Thruk before 2.44 allows XSS for a quick command. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Thruk
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-35489 MEDIUM POC This Month

{HOSTNAME]&service={SERVICENAME]&backend={BACKEND] Reflected XSS via the host or service parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Thruk
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-35488 MEDIUM POC This Month

{TITLE] Reflected XSS via the host or title parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Thruk
NVD
CVSS 3.1
6.1
EPSS
2.6%
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Thruk is a multibackend monitoring webinterface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal File Upload Thruk
NVD GitHub
EPSS 63% CVSS 8.8
HIGH POC PATCH THREAT This Week

Thruk is a multibackend monitoring webinterface which currently supports Naemon, Icinga, Shinken and Nagios as backends. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Thruk
NVD GitHub Exploit-DB
EPSS 0% CVSS 5.4
MEDIUM This Month

Thruk before 2.44 allows XSS for a quick command. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Thruk
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

{HOSTNAME]&service={SERVICENAME]&backend={BACKEND] Reflected XSS via the host or service parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Thruk
NVD
EPSS 3% CVSS 6.1
MEDIUM POC This Month

{TITLE] Reflected XSS via the host or title parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Thruk
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy