14 matches found
CVE-2023-40933
A SQL injection vulnerability in Nagios XI v5.11.1 and below allows authenticated attackers with announcement banner configuration privileges to execute arbitrary SQL commands via the ID parameter sent to the updatebannermessage function...
CVE-2020-25205
The web console for Mimosa B5, B5c, and C5x firmware through 2.8.0.2 is vulnerable to stored XSS in the setbanner function of /var/www/core/controller/index.php. An unauthenticated attacker may set the contents of the /mnt/jffs2/banner.txt file, stored on the device's filesystem, to contain...
Exploit for SQL Injection in Nagios Nagios_Xi
CVE-2023-40933 The sqlmap payload to exploit CVE-2023-40933...
CVE-2023-40933
A SQL injection vulnerability in Nagios XI v5.11.1 and below allows authenticated attackers with announcement banner configuration privileges to execute arbitrary SQL commands via the ID parameter sent to the updatebannermessage function...
CVE-2023-40933
A SQL injection vulnerability in Nagios XI v5.11.1 and below allows authenticated attackers with announcement banner configuration privileges to execute arbitrary SQL commands via the ID parameter sent to the updatebannermessage function...
CVE-2023-40931
A SQL injection vulnerability in Nagios XI from version 5.11.0 up to and including 5.11.1 allows authenticated attackers to execute arbitrary SQL commands via the ID parameter in the POST request to /nagiosxi/admin/bannermessage-ajaxhelper.php...
CVE-2023-40931
A SQL injection vulnerability in Nagios XI from version 5.11.0 up to and including 5.11.1 allows authenticated attackers to execute arbitrary SQL commands via the ID parameter in the POST request to /nagiosxi/admin/bannermessage-ajaxhelper.php...
Nagios XI SQL Injection Vulnerability
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI version 5.11.1 and earlier, which originated from a...
Nagios XI SQL Injection Vulnerability
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions 5.11.0 through 5.11.1, which originates from a...
CVE-2020-25205
The web console for Mimosa B5, B5c, and C5x firmware through 2.8.0.2 is vulnerable to stored XSS in the setbanner function of /var/www/core/controller/index.php. An unauthenticated attacker may set the contents of the /mnt/jffs2/banner.txt file, stored on the device's filesystem, to contain...
Cross site scripting
Cross-site scripting XSS vulnerability in the web interface in Pattern Insight 2.3 allows remote authenticated administrators to inject arbitrary web script or HTML via the banner message...
CVE-2012-4938
Cross-site scripting XSS vulnerability in the web interface in Pattern Insight 2.3 allows remote authenticated administrators to inject arbitrary web script or HTML via the banner message...
CentOS 3 : openssh (CESA-2005:550)
Updated openssh packages that fix a potential security vulnerability and various other bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. OpenSSH is OpenBSD's SSH Secure SHell protocol implementation. This includes the core file...
RHEL 3 : openssh (RHSA-2005:550)
Updated openssh packages that fix a potential security vulnerability and various other bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. OpenSSH is OpenBSD's SSH Secure SHell protocol implementation. This includes the core file...