3 matches found
Nagios XI SQL Injection (CVE-2019-9165)
An SQL injection vulnerability exists in Nagios XI. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2019-9165
SQL injection vulnerability in Nagios XI before 5.5.11 allows attackers to execute arbitrary SQL commands via the API when using fusekeys and malicious user id...
CVE-2019-9165
CVE-2019-9165 is a SQL injection flaw in Nagios XI before 5.5.11 exploitable via the API using fusekeys and a malicious user id. Components affected: Nagios XI web API; root cause: improper handling of API parameters allowing arbitrary SQL execution. Public data cites a NVD CVSS v3.1 base score o...