Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios nagios vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2018-10737
A SQL injection issue exists in Nagios XI prior to 5.4.13 via the admin/logbook.php txtSearch parameter.
Nagios Nagios Xi
6.5
CVSSv2
CVE-2018-10738
A SQL injection issue exists in Nagios XI prior to 5.4.13 via the admin/menuaccess.php chbKey1 parameter.
Nagios Nagios Xi
6.5
CVSSv2
CVE-2021-33177
The Bulk Modifications functionality in Nagios XI versions before 5.8.5 is vulnerable to SQL injection. Exploitation requires the malicious actor to be authenticated to the vulnerable system, but once authenticated they would be able to execute arbitrary sql queries.
Nagios Nagios Xi
3.5
CVSSv2
CVE-2018-17146
A cross-site scripting vulnerability exists in Nagios XI prior to 5.5.4 via the 'name' parameter within the Account Information page. Exploitation of this vulnerability allows an malicious user to execute arbitrary JavaScript code within the auto login admin management ...
Nagios Nagios Xi
5
CVSSv2
CVE-2018-17148
An Insufficient Access Control vulnerability (leading to credential disclosure) in coreconfigsnapshot.php (aka configuration snapshot page) in Nagios XI prior to 5.5.4 allows remote malicious users to gain access to configuration files containing confidential credentials.
Nagios Nagios Xi
NA
CVE-2022-38248
Nagios XI before v5.8.7 exists to contain multiple cross-site scripting (XSS) vulnerabilities at auditlog.php.
Nagios Nagios Xi
NA
CVE-2022-38254
Nagios XI before v5.8.7 exists to contain a cross-site scripting (XSS) vulnerability via the ajax.php script in CCM 3.1.5.
Nagios Nagios Xi
9
CVSSv2
CVE-2020-35578
An issue exists in the Manage Plugins page in Nagios XI prior to 5.8.0. Because the line-ending conversion feature is mishandled during a plugin upload, a remote, authenticated admin user can execute operating-system commands.
Nagios Nagios Xi
1 Metasploit module
7.2
CVSSv2
CVE-2019-9166
Privilege escalation in Nagios XI prior to 5.5.11 allows local malicious users to elevate privileges to root via write access to config.inc.php and import_xiconfig.php.
Nagios Nagios Xi
1 Github repository
4.3
CVSSv2
CVE-2019-9167
Cross-site scripting (XSS) vulnerability in Nagios XI prior to 5.5.11 allows malicious users to inject arbitrary web script or HTML via the xiwindow parameter.
Nagios Nagios Xi
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »