CVE-2026-5333

A security flaw has been discovered in DefaultFuction Content-Management-System 1.0. This issue affects some unknown processing of the file /admin/tools.php. The manipulation of the argument host results in command injection. The attack can be executed remotely. The exploit has been released to t...

PT-2026-29740

A security flaw has been discovered in DefaultFuction Content-Management-System 1.0. This issue affects some unknown processing of the file /admin/tools.php. The manipulation of the argument host results in command injection. The attack can be executed remotely. The exploit has been released to t...

EUVD-2015-9411

Next Click Ventures RealtyScript 4.0.2 fails to properly sanitize file uploads, allowing attackers to store malicious scripts through the file POST parameter in admin/tools.php. Attackers can upload files containing JavaScript code that executes in the context of admin/tools.php when accessed by...

CVE-2021-47695

Nagios XI versions prior to 5.8.0 are vulnerable to stored cross-site scripting XSS via the My Tools page. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

EUVD-2021-34702

Nagios XI versions prior to 5.8.0 are vulnerable to stored cross-site scripting XSS via the My Tools page. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

CVE-2021-47695

Nagios XI versions prior to 5.8.0 are vulnerable to stored cross-site scripting XSS via the My Tools page. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

CVE-2021-47695

CVE-2021-47695 affects Nagios XI

CVE-2021-47695 Nagios XI < 5.8.0 XSS via My Tools Page

Nagios XI versions prior to 5.8.0 are vulnerable to stored cross-site scripting XSS via the My Tools page. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

CVE-2021-47695 Nagios XI < 5.8.0 XSS via My Tools Page

Nagios XI versions prior to 5.8.0 are vulnerable to stored cross-site scripting XSS via the My Tools page. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

PT-2025-44550

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 5.8.0 Description The software is susceptible to stored cross-site scripting XSS through the My Tools page. Insufficient validation or escaping of user-supplied input could allow an attacker to inject and execute...

EUVD-2025-4458

Malicious code in bioql PyPI...

CVE-2023-43890

Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability in the diagnostic tools page. This vulnerability is exploited via a crafted HTTP request...

CVE-2021-39413

Multiple Cross Site Scripting XSS vulnerabilities exits in SEO Panel v4.8.0 via the 1 totime parameter in a backlinks.php, b analytics.php, c log.php, d overview.php, e pagespeed.php, f rank.php, g review.php, h saturationchecker.php, i socialmedia.php, and j reports.php; the 2 fromtime parameter...

CVE-2024-54957

Nagios XI 2024R1.2.2 is vulnerable to an open redirect flaw on the Tools page, exploitable by users with read-only permissions. This vulnerability allows an attacker to craft a malicious link that redirects users to an arbitrary external URL without their consent...

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI version 2024R1.2.2, which stems from an open redirect on the...

CVE-2024-54958

Nagios XI 2024R1.2.2 is susceptible to a stored Cross-Site Scripting XSS vulnerability in the Tools page. This flaw allows an attacker to inject malicious scripts into the Tools interface, which are then stored and executed in the context of other users accessing the page...

CVE-2024-54958

Nagios XI 2024R1.2.2 is susceptible to a stored Cross-Site Scripting XSS vulnerability in the Tools page. This flaw allows an attacker to inject malicious scripts into the Tools interface, which are then stored and executed in the context of other users accessing the page...

CVE-2024-54958

Nagios XI 2024R1.2.2 is susceptible to a stored Cross-Site Scripting XSS vulnerability in the Tools page. This flaw allows an attacker to inject malicious scripts into the Tools interface, which are then stored and executed in the context of other users accessing the page...

PT-2025-7439 · Nagios Xi · Nagios Xi

Name of the Vulnerable Software and Affected Versions: Nagios XI version 2024R1.2.2 Description: The issue is a stored Cross-Site Scripting XSS vulnerability in the Tools page of Nagios XI. This flaw allows an attacker to inject malicious scripts into the Tools interface, which are then stored an...

CVE-2024-54958

Nagios XI 2024R1.2.2 is susceptible to a stored Cross-Site Scripting XSS vulnerability in the Tools page. This flaw allows an attacker to inject malicious scripts into the Tools interface, which are then stored and executed in the context of other users accessing the page...