5 matches found
CVE-2023-40933
A SQL injection vulnerability in Nagios XI v5.11.1 and below allows authenticated attackers with announcement banner configuration privileges to execute arbitrary SQL commands via the ID parameter sent to the updatebannermessage function...
The vulnerability of the update_banner_message() function in the Nagios XI monitoring tool allows a hacker to gain unauthorized access to protected information and execute arbitrary code.
The vulnerability of the updatebannermessage function in the Nagios XI monitoring tool is related to the lack of measures taken to protect the SQL query structure when processing the ID parameter. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access t...
CVE-2023-40933
A SQL injection vulnerability in Nagios XI v5.11.1 and below allows authenticated attackers with announcement banner configuration privileges to execute arbitrary SQL commands via the ID parameter sent to the updatebannermessage function...
CVE-2023-40933
A SQL injection vulnerability in Nagios XI v5.11.1 and below allows authenticated attackers with announcement banner configuration privileges to execute arbitrary SQL commands via the ID parameter sent to the updatebannermessage function...
Nagios XI SQL Injection Vulnerability
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI version 5.11.1 and earlier, which originated from a...