CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Prion•added 2018/05/16 1:29 p.m.•15 views

Sql injection

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/commandline.php cname parameter...

6.5CVSS7.3AI score0.86271EPSS

Exploits2References1Affected Software1

UbuntuCve•added 2018/05/16 1:29 p.m.•23 views

CVE-2018-10735

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/commandline.php cname parameter...

7.2CVSS7.1AI score0.86271EPSS

Exploits2References2

Cvelist•added 2018/05/16 1:0 p.m.•17 views

CVE-2018-10735

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/commandline.php cname parameter...

7.6AI score0.86271EPSS

Exploits2References1

CVE•added 2018/05/16 1:0 p.m.•75 views

CVE-2018-10735

Nagios XI is affected by a SQL injection in the admin/commandline.php cname parameter, impacting Nagios XI versions up to 5.4.12. The issue allows authenticated administrators to execute arbitrary SQL commands, potentially accessing or modifying the database and compromising the instance. Remedia...

7.2CVSS7.5AI score0.86271EPSS

Exploits2References1Affected Software1

seebug.org•added 2013/02/06 12:0 a.m.•23 views

Nagios XI多个远程安全漏洞

Bugtraq ID:57672 Nagios是一款免费开放源代码的主机和服务监视软件 Nagios存在多个安全漏洞，包括： -Alert Cloud组件存在反射型跨站脚本漏洞，可获得敏感信息或劫持用户会话。 -Nagios QL存在存储型跨站脚本漏洞，可获得敏感信息或劫持用户会话。 -Autodiscovery没有正确过滤输入，允许攻击者提交恶意作业执行任意代码。 -'admin/commandline.php'脚本不正确过滤用户提交的参数，允许攻击者利用漏洞注入任意SQL。 -Nagios QL存在跨站请求伪造漏洞，允许攻击者利用漏洞执行恶意操作。...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by