Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios xi vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2018-15709
Nagios XI 5.5.6 allows remote authenticated malicious users to execute arbitrary commands via a crafted HTTP request.
Nagios Nagios Xi 5.5.6
6.5
CVSSv2
CVE-2018-15711
Nagios XI 5.5.6 allows remote authenticated malicious users to reset and regenerate the API key of more privileged users. The attacker can then use the new API key to execute API calls at elevated privileges.
Nagios Nagios Xi 5.5.6
4.3
CVSSv2
CVE-2018-15712
Nagios XI 5.5.6 allows reflected cross site scripting from remote unauthenticated attackers via the host parameter in api_tool.php.
Nagios Nagios Xi 5.5.6
3.5
CVSSv2
CVE-2018-15713
Nagios XI 5.5.6 allows persistent cross site scripting from remote authenticated attackers via the stored email address in admin/users.php.
Nagios Nagios Xi 5.5.6
4.3
CVSSv2
CVE-2018-15714
Nagios XI 5.5.6 allows reflected cross site scripting from remote unauthenticated attackers via the oname and oname2 parameters.
Nagios Nagios Xi 5.5.6
7.2
CVSSv2
CVE-2018-15710
Nagios XI 5.5.6 allows local authenticated malicious users to escalate privileges to root via Autodiscover_new.php.
Nagios Nagios Xi 5.5.6
2 EDB exploits
2 Metasploit modules
6.5
CVSSv2
CVE-2018-10735
A SQL injection issue exists in Nagios XI prior to 5.4.13 via the admin/commandline.php cname parameter.
Nagios Nagios Xi
6.5
CVSSv2
CVE-2018-10736
A SQL injection issue exists in Nagios XI prior to 5.4.13 via the admin/info.php key1 parameter.
Nagios Nagios Xi
6.5
CVSSv2
CVE-2018-10737
A SQL injection issue exists in Nagios XI prior to 5.4.13 via the admin/logbook.php txtSearch parameter.
Nagios Nagios Xi
6.5
CVSSv2
CVE-2018-10738
A SQL injection issue exists in Nagios XI prior to 5.4.13 via the admin/menuaccess.php chbKey1 parameter.
Nagios Nagios Xi
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »