Astra Linux - уязвимость в zabbix

A authenticated user can create a hosts group using the configuration with XSS payload, which will be available to other users. When XSS is stored by an authenticated malicious actor, and other users attempt to search for groups during the creation of new hosts, the XSS payload will activate,...

Linux Distros Unpatched Vulnerability : CVE-2022-23133

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authenticated user can create a hosts group from the configuration with XSS payload, which will be available for other users. When XSS is stored by an...

SUSE CVE-2016-3659

SQL injection vulnerability in graphview.php in Cacti 0.8.8.g allows remote authenticated users to execute arbitrary SQL commands via the hostgroupdata parameter...

Zabbix Sia Zabbix 跨站脚本漏洞

Zabbix Sia Zabbix is an open source monitoring system from the Latvian company Zabbix SIA Zabbix Sia. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring. Zabbix Sia Zabbix suffers from a cross-site scripting vulnerability that originates from th...

Centreon SQL注入漏洞

Centreon Merethis Centreon is a set of open source system monitoring tools from the French company Centreon . The product mainly provides monitoring of network, system and application resources. A SQL injection vulnerability exists in Centreon versions prior to 20.04.14, 20.10.8, and 21.04.2. An...

Nagios XI Cross-Site Scripting Vulnerability (CNVD-2020-02543)

Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting and rich data visualization. A cross-site scripting vulnerability exists in Nagios XI 5.6.9. The vulnerability can be exploited by an attacker to conduct a...

DEBIAN-CVE-2016-3659

SQL injection vulnerability in graphview.php in Cacti 0.8.8.g allows remote authenticated users to execute arbitrary SQL commands via the hostgroupdata parameter...

UBUNTU-CVE-2016-3659

SQL injection vulnerability in graphview.php in Cacti 0.8.8.g allows remote authenticated users to execute arbitrary SQL commands via the hostgroupdata parameter...

CVE-2016-3659

SQL injection vulnerability in graphview.php in Cacti 0.8.8.g allows remote authenticated users to execute arbitrary SQL commands via the hostgroupdata parameter...

Foreman: host and host group parameter SQL injection

Multiple SQL injection vulnerabilities in app/models/concerns/hostcommon.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the 1 fqdn or 2 hostgroup parameter...

Foreman: host and host group parameter SQL injection

Multiple SQL injection vulnerabilities in app/models/concerns/hostcommon.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the 1 fqdn or 2 hostgroup parameter...