4 matches found
UBUNTU-CVE-2026-33456
Livestatus injection in the notification test mode in Checkmk 2.5.0b4 and 2.4.0p26 allows an authenticated user with access to the notification test page to inject arbitrary Livestatus commands via a crafted service description...
CVE-2026-33457
Livestatus injection in the prediction graph page in Checkmk 2.5.0b4, 2.4.0p26, and 2.3.0p47 allows an authenticated user to inject arbitrary Livestatus commands via a crafted service name parameter due to insufficient sanitization of the service description value...
HTTP Client Manager - Less critical - Information disclosure - SA-CONTRIB-2025-126
Http Client Manager introduces a new Guzzle based plugin which allows you to manage HTTP clients using Guzzle Service Descriptions via YAML, JSON or PHP files, in a simple and efficient way. The modules allows administrators to configure HTTP requests as part of Event Condition Action ECA...
wsdl_finder
This plugin finds new web service descriptions and other web service related files by appending "?WSDL" to all URLs and checking the response. Plugin type Crawl Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests,...