163 matches found
Sql injection
SQL injection vulnerability in functions/prependadm.php in Nagios Core Config Manager in Nagios XI before 2012R2.4 allows remote attackers to execute arbitrary SQL commands via the tfPassword parameter to nagiosql/index.php...
CVE-2013-6875
SQL injection vulnerability in functions/prependadm.php in Nagios Core Config Manager in Nagios XI before 2012R2.4 allows remote attackers to execute arbitrary SQL commands via the tfPassword parameter to nagiosql/index.php...
Nagios Core Config Manager tfPassword SQL Injection
An SQL Injection vulnerability has been reported in Nagios Core Config Manager. The vulnerability is due to improper validation of the tfPassword parameter passed to the application. A remote unauthenticated attacker could exploit this vulnerability by sending a request with a crafted tfPassword...