6 matches found
Exploit for SQL Injection in Nagios Nagios_Xi
PoC exploit for CVE-2023-40931, a vulnerability in the HTB MONIT...
Exploit for SQL Injection in Nagios Nagios_Xi
CVE-2023-40931 The sqlmap payload to exploit CVE-2023-40931...
Critical Security Vulnerabilities Uncovered in Nagios XI
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Several security vulnerabilities have been identified in Nagios XI, a network monitoring software, which could potentially lead to privilege escalation and information disclosure. These...
Critical Security Flaws Exposed in Nagios XI Network Monitoring Software
Multiple security flaws have been disclosed in the Nagios XI network monitoring software that could result in privilege escalation and information disclosure. The four security vulnerabilities, tracked from CVE-2023-40931 through CVE-2023-40934, impact Nagios XI versions 5.11.1 and lower. Followi...
CVE-2023-40931
A SQL injection vulnerability in Nagios XI from version 5.11.0 up to and including 5.11.1 allows authenticated attackers to execute arbitrary SQL commands via the ID parameter in the POST request to /nagiosxi/admin/bannermessage-ajaxhelper.php...
CVE-2023-40931
Nagios XI (version 5.11.0–5.11.1) contains a SQL injection in the POST parameter ID to /nagiosxi/admin/banner_message-ajaxhelper.php, exploitable by authenticated users to run arbitrary SQL commands. Public PoCs exist (e.g., GitHub exploits) and Nessus/Nuclei templates reference this CVE. Remedia...