8 matches found
CVE-2020-36857
Nagios XI versions prior to 5.6.14 contain a post-authentication SQL injection vulnerability in the SNMP Trap Interface page. Exploitation requires an account with administrative privileges to access the affected interface. A user with administrative access could supply crafted input that is not...
CVE-2020-36857
Nagios XI versions prior to 5.6.14 contain a post-authentication SQL injection vulnerability in the SNMP Trap Interface page. Exploitation requires an account with administrative privileges to access the affected interface. A user with administrative access could supply crafted input that is not...
CVE-2020-36869 Nagios XI < 5.7.5 SQL injection via SNMP Trap Interface Edit Page
Nagios XI versions prior to 5.7.5 contain a SQL injection vulnerability in the SNMP Trap Interface edit page. Exploitation requires an account with administrative privileges to access the affected interface. A user with administrative access could supply crafted input that is not properly...
CVE-2020-36857 Nagios XI < 5.6.14 Authenticated SQL Injection via SNMP Trap Interface Page
Nagios XI versions prior to 5.6.14 contain a post-authentication SQL injection vulnerability in the SNMP Trap Interface page. Exploitation requires an account with administrative privileges to access the affected interface. A user with administrative access could supply crafted input that is not...
CVE-2020-36857 Nagios XI < 5.6.14 Authenticated SQL Injection via SNMP Trap Interface Page
Nagios XI versions prior to 5.6.14 contain a post-authentication SQL injection vulnerability in the SNMP Trap Interface page. Exploitation requires an account with administrative privileges to access the affected interface. A user with administrative access could supply crafted input that is not...
PT-2025-44463
Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 5.6.14 Description Nagios XI versions prior to 5.6.14 contain a post-authentication SQL injection issue in the SNMP Trap Interface page. Exploitation requires an account with administrative privileges to access the...
Nagios XI 5.7.3 - 'SNMP Trap Interface' Authenticated SQL Injection
Exploit Title: Nagios XI 5.7.3 - 'SNMP Trap Interface' Authenticated SQL Injection Date: 10-18-2020 Exploit Author: Matthew Aberegg Vendor Homepage: https://www.nagios.com/products/nagios-xi/ Vendor Changelog: https://www.nagios.com/downloads/nagios-xi/change-log/ Software Link:...
Nagios XI 5.7.3 SQL Injection
Exploit Title: Nagios XI 5.7.3 - 'Manage Users' Authenticated SQL Injection Date: 10-18-2020 Exploit Author: Matthew Aberegg Vendor Homepage: https://www.nagios.com/products/nagios-xi/ Vendor Changelog: https://www.nagios.com/downloads/nagios-xi/change-log/ Software Link:...