21 matches found
CVE-2023-40934
A SQL injection vulnerability in Nagios XI 5.11.1 and below allows authenticated attackers with privileges to manage host escalations in the Core Configuration Manager to execute arbitrary SQL commands via the host escalation notification settings...
CVE-2012-10063
Nagios XI versions prior to 2012R1.3 contain a SQL injection vulnerability in the legacy Core Configuration Manager CCM interface. Authenticated users could manipulate SQL queries by supplying crafted input to specific CCM parameters, potentially allowing access to configuration data stored in th...
EUVD-2020-30814
The Core Config Manager CCM in Nagios XI versions prior to CCM 3.0.7 / Nagios XI 5.7.4 contains multiple SQL injection vulnerabilities in the object edit pages. Unsanitized user-supplied input was incorporated into SQL queries used by configuration object editors, allowing authenticated users to...
CVE-2012-10063
Nagios XI versions prior to 2012R1.3 contain a SQL injection vulnerability in the legacy Core Configuration Manager CCM interface. Authenticated users could manipulate SQL queries by supplying crafted input to specific CCM parameters, potentially allowing access to configuration data stored in th...
CVE-2012-10063 Nagios XI < 2012R1.3 Authenticated SQL Injection in Legacy CCM
Nagios XI versions prior to 2012R1.3 contain a SQL injection vulnerability in the legacy Core Configuration Manager CCM interface. Authenticated users could manipulate SQL queries by supplying crafted input to specific CCM parameters, potentially allowing access to configuration data stored in th...
CVE-2012-10063
Nagios XI versions prior to 2012R1.3 contain an authenticated SQL injection vulnerability in the legacy Core Configuration Manager (CCM) interface. Exploitation requires crafted input to specific CCM parameters and can disclose or modify configuration data stored in the application database, with...
PT-2025-44532
Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2012R1.3 Description Nagios XI is affected by a SQL injection issue in the legacy Core Configuration Manager CCM interface. Authenticated users can manipulate SQL queries by providing crafted input to specific CCM...
EUVD-2023-45473
Malicious code in bioql PyPI...
CVE-2023-40934
A SQL injection vulnerability in Nagios XI 5.11.1 and below allows authenticated attackers with privileges to manage host escalations in the Core Configuration Manager to execute arbitrary SQL commands via the host escalation notification settings...
CVE-2023-40934
A SQL injection vulnerability in Nagios XI 5.11.1 and below allows authenticated attackers with privileges to manage host escalations in the Core Configuration Manager to execute arbitrary SQL commands via the host escalation notification settings...
CVE-2023-40934
A SQL injection vulnerability in Nagios XI 5.11.1 and below allows authenticated attackers with privileges to manage host escalations in the Core Configuration Manager to execute arbitrary SQL commands via the host escalation notification settings...
Sql injection
A SQL injection vulnerability in Nagios XI 5.11.1 and below allows authenticated attackers with privileges to manage host escalations in the Core Configuration Manager to execute arbitrary SQL commands via the host escalation notification settings...
CVE-2023-40934
A SQL injection vulnerability in Nagios XI 5.11.1 and below allows authenticated attackers with privileges to manage host escalations in the Core Configuration Manager to execute arbitrary SQL commands via the host escalation notification settings...
Nagios XI SQL Injection Vulnerability
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI version 5.11.1 and earlier, which originated from a...
CVE-2023-40934
A SQL injection vulnerability in Nagios XI 5.11.1 and below allows authenticated attackers with privileges to manage host escalations in the Core Configuration Manager to execute arbitrary SQL commands via the host escalation notification settings...
PT-2023-5387 · Nagios Xi · Nagios Xi
Name of the Vulnerable Software and Affected Versions: Nagios XI versions 5.11.1 and earlier Description: The issue is related to a SQL injection vulnerability in the Core Configuration Manager of Nagios XI. This vulnerability is caused by the lack of protection against SQL query structure...
CVE-2018-8733
Authentication bypass vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an unauthenticated attacker to make configuration changes and leverage an authenticated SQL injection vulnerability...
CVE-2018-8733
Authentication bypass vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an unauthenticated attacker to make configuration changes and leverage an authenticated SQL injection vulnerability...
Nagios XI < 2012R2.4 SQL Injection Vulnerability (deprecated)
Binary data 7138.pasl...
Nagios Core Configuration Manager Detection
Binary data 8368.prm...