153 matches found
Nagios Network Analyzer 授权问题漏洞
Nagios Network Analyzer is an enterprise solution for monitoring and analyzing network traffic from Nagios, Inc. An authorization issue vulnerability exists in Nagios Network Analyzer version 2024R1.0.3, which stems from improper access control that allows a low-privileged user to perform...
CVE-2025-28131
A Broken Access Control vulnerability in Nagios Network Analyzer 2024R1.0.3 allows low-privilege users with "Read-Only" access to perform administrative actions, including stopping system services and deleting critical resources. This flaw arises due to improper authorization enforcement, enablin...
PT-2025-14370 · Nagios · Nagios Network Analyzer
Name of the Vulnerable Software and Affected Versions: Nagios Network Analyzer version 2024R1.0.3 Description: A Broken Access Control issue allows low-privilege users with "Read-Only" access to perform administrative actions, including stopping system services and deleting critical resources. Th...
ROS-20240606-03
Vulnerability of handlechopping function of Wireshark computer network traffic analyzer is related to a memory handling issue in EditCap. memory handling issue in EditCap. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service Vulnerability in MONGO and...
Scrutinizer NetFlow & sFlow Analyzer Log Information Disclosure Vulnerability
Plixer Scrutinizer NetFlow & sFlow Analyzer is a network traffic analysis system from Plixer, USA. The system provides traffic monitoring, context forensics, and security analysis. A security vulnerability exists in Scrutinizer NetFlow & sFlow Analyzer versions prior to 19.3.1, which stems from a...
The vulnerability of the communication standard set for IEEE 802.11 by the computer network traffic analyzer Wireshark allows a hacker to cause a service failure.
The vulnerability of the IEEE 802.11 communication standard set for computer network traffic analyzers like Wireshark is related to pointer arithmetic errors. Exploiting this vulnerability allows a malicious actor to cause service interruptions by injecting specially crafted packets...
Nagios Network Analyzer Cross-Site Scripting (CVE-2021-28924)
A cross-site scripting vulnerability exists in Nagios Network Analyzer. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Nagios Network Analyzer SQL Injection (CVE-2021-28925)
An SQL injection vulnerability exists in Nagios Network Analyzer. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Nagios Network Analyzer SQL Injection Vulnerability
Nagios Network Analyzer is a network data flow analyzer that provides a view of all network traffic and bandwidth utilization. A SQL injection vulnerability exists in Nagios Network Analyzer versions prior to 2.4.3. The vulnerability can be exploited to read sensitive data from the database and...
Nagios Network Analyzer Self-XSS Vulnerability
Nagios Network Analyzer is a network data flow analyzer that provides a view of all network traffic and bandwidth utilization. A Self-XSS vulnerability exists in Nagios Network Analyzer versions prior to 2.4.2. An attacker can exploit this vulnerability to conduct cross-site scripting attacks via...
CVE-2021-28924
Self Authenticated XSS in Nagios Network Analyzer before 2.4.2 via the nagiosna/groups/queries page...
CVE-2021-28925
SQL injection vulnerability in Nagios Network Analyzer before 2.4.3 via the ocol parameter to api/checks/read/...
CVE-2021-28925
SQL injection vulnerability in Nagios Network Analyzer before 2.4.3 via the ocol parameter to api/checks/read/...
CVE-2021-28924
Self Authenticated XSS in Nagios Network Analyzer before 2.4.2 via the nagiosna/groups/queries page...
Sql injection
SQL injection vulnerability in Nagios Network Analyzer before 2.4.3 via the ocol parameter to api/checks/read/...
Code injection
Self Authenticated XSS in Nagios Network Analyzer before 2.4.2 via the nagiosna/groups/queries page...
CVE-2021-28924
Self Authenticated XSS in Nagios Network Analyzer before 2.4.2 via the nagiosna/groups/queries page...
CVE-2021-28924
CVE-2021-28924 affects Nagios Network Analyzer prior to 2.4.2. The issue is a Self Authenticated XSS in the nagiosna/groups/queries page. The vulnerability is a client-side scripting flaw that can be triggered by an authenticated user interacting with the affected page, potentially leading to arb...
CVE-2021-28925
SQL injection vulnerability in Nagios Network Analyzer before 2.4.3 via the ocol parameter to api/checks/read/...
CVE-2021-28925
Nagios Network Analyzer prior to version 2.4.3 contains a SQL injection vulnerability in the o[col] parameter of api/checks/read/. The issue is due to improper input handling that allows arbitrary SQL execution, potentially enabling an attacker to read and modify database data. Multiple sources c...