Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2020-15902
Graph Explorer in Nagios XI prior to 5.7.2 allows XSS via the link url option.
Nagios Nagios Xi
7.2
CVSSv3
CVE-2018-10735
A SQL injection issue exists in Nagios XI prior to 5.4.13 via the admin/commandline.php cname parameter.
Nagios Nagios Xi
7.2
CVSSv3
CVE-2018-10736
A SQL injection issue exists in Nagios XI prior to 5.4.13 via the admin/info.php key1 parameter.
Nagios Nagios Xi
7.2
CVSSv3
CVE-2018-10738
A SQL injection issue exists in Nagios XI prior to 5.4.13 via the admin/menuaccess.php chbKey1 parameter.
Nagios Nagios Xi
8.8
CVSSv3
CVE-2019-20197
In Nagios XI 5.6.9, an authenticated user is able to execute arbitrary OS commands via shell metacharacters in the id parameter to schedulereport.php, in the context of the web-server user account.
Nagios Nagios Xi 5.6.9
2 Github repositories
9.8
CVSSv3
CVE-2018-15708
Snoopy 1.0 in Nagios XI 5.5.6 allows remote unauthenticated malicious users to execute arbitrary commands via a crafted HTTP request.
Nagios Nagios Xi 5.5.6
2 EDB exploits
2 Metasploit modules
1 Github repository
7.8
CVSSv3
CVE-2018-15710
Nagios XI 5.5.6 allows local authenticated malicious users to escalate privileges to root via Autodiscover_new.php.
Nagios Nagios Xi 5.5.6
2 EDB exploits
2 Metasploit modules
7.2
CVSSv3
CVE-2021-40344
An issue exists in Nagios XI 5.8.5. In the Custom Includes section of the Admin panel, an administrator can upload files with arbitrary extensions as long as the MIME type corresponds to an image. Therefore it is possible to upload a crafted PHP script to achieve remote command e...
Nagios Nagios Xi 5.8.5
7.2
CVSSv3
CVE-2020-5792
Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote, authenticated admin user to write to arbitrary files and ultimately execute code with the privileges of the apache user.
Nagios Nagios Xi 5.7.3
7.8
CVSSv3
CVE-2020-5796
Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged, authenticated user to weaken the permissions of files, resulting in low-privileged users being able to write to and execute arbitrary PHP code with root privileges.
Nagios Nagios Xi 5.7.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »