EUVD-2019-9308

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2023-49085

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the...

CVE-2019-19699

There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed by root at 22:30 every day. T...

The vulnerability of the microprogrammed software of the BUFFALO VR-S1000 routers lies in the lack of measures to neutralize the special elements used in the operating system’s command set. This allows a perpetrator to execute arbitrary commands of the operating system.

The vulnerability of the Cacti network monitoring software is related to the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the pollers.php script...

SUSE CVE-2023-49085

Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...

PT-2023-8526 · Cacti +1 · Cacti +1

Name of the Vulnerable Software and Affected Versions: Cacti versions affected versions not specified VR-S1000 firmware versions prior to 2.42 Description: The issue is related to a lack of protection in the SQL query structure in Cacti, and in VR-S1000 firmware, it allows an attacker with access...

PT-2023-8525 · Cacti +1 · Cacti +1

Name of the Vulnerable Software and Affected Versions: Cacti versions 1.2.25 and prior Description: The issue is related to a lack of protection in the SQL query structure of the Cacti network monitoring tool, specifically in the pollers.php script. This allows an authorized user to execute...

CVE-2022-36194

Centreon 22.04.0 is vulnerable to Cross Site Scripting XSS from the function Pollers Broker Configuration by adding a crafted payload into the name parameter...

CVE-2022-36194

Centreon 22.04.0 is vulnerable to Cross Site Scripting XSS from the function Pollers Broker Configuration by adding a crafted payload into the name parameter...

CVE-2022-36194

Centreon 22.04.0 is vulnerable to Cross Site Scripting XSS from the function Pollers Broker Configuration by adding a crafted payload into the name parameter...

Cross site scripting

Centreon 22.04.0 is vulnerable to Cross Site Scripting XSS from the function Pollers Broker Configuration by adding a crafted payload into the name parameter...

CVE-2022-36194

Centreon 22.04.0 is vulnerable to Cross Site Scripting XSS from the function Pollers Broker Configuration by adding a crafted payload into the name parameter...

CVE-2022-36194

Centreon 22.04.0 is vulnerable to Cross-Site Scripting (XSS) in the Pollers > Broker Configuration function caused by inserting a crafted payload into the name parameter. The vulnerable component is the name field processed via the API endpoint /centreon/main.get.php?p=60909 (Pollers → Broker ...

PT-2022-23253 · Centreon · Centreon

Name of the Vulnerable Software and Affected Versions: Centreon version 22.04.0 Description: The issue is related to a Cross Site Scripting XSS attack. It can be exploited from the function Pollers Broker Configuration by adding a crafted payload into the name parameter. This allows for the...

Centreon 22.04.0 Cross Site Scripting Vulnerability

Exploit Title: Stored XSS in name parameter in Centreon version 22.04.0 Exploit Author: syad, yunaranyancat, saitamang Vendor Homepage: Centreon Software Link: https://download.centreon.com/ Version: 22.04.0 CVE ID : CVE-2022-36194 Tested on: Centos 7 Centreon 22.04.0 is vulnerable to Cross Site...

Centreon 22.04.0 Cross Site Scripting

Exploit Title: Stored XSS in name parameter in Centreon version 22.04.0 Date: Exploit Author: syad, yunaranyancat, saitamang Vendor Homepage: Centreon Software Link: https://download.centreon.com/ Version: 22.04.0 CVE ID : CVE-2022-36194 Tested on: Centos 7 Centreon 22.04.0 is vulnerable to Cross...

openSUSE Security Update : cacti / cacti-spine (openSUSE-2021-755)

This update for cacti, cacti-spine fixes the following issues : cacti-spine was updated to 1.2.17 : - Avoid triggering DDos detection in firewalls on large systems - Use mysql reconnect option properly - Fix possible creashes in various operations - Fix remote data collectors pushing too much dat...

CVE-2019-19699

There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed by root at 22:30 every day. T...

CVE-2019-19699

There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed by root at 22:30 every day. T...

CVE-2019-19699

There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed by root at 22:30 every day. T...