Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios nagios xi vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2018-10738
A SQL injection issue exists in Nagios XI prior to 5.4.13 via the admin/menuaccess.php chbKey1 parameter.
Nagios Nagios Xi
6.5
CVSSv2
CVE-2021-33177
The Bulk Modifications functionality in Nagios XI versions before 5.8.5 is vulnerable to SQL injection. Exploitation requires the malicious actor to be authenticated to the vulnerable system, but once authenticated they would be able to execute arbitrary sql queries.
Nagios Nagios Xi
4.3
CVSSv2
CVE-2021-33179
The general user interface in Nagios XI versions before 5.8.4 is vulnerable to authenticated reflected cross-site scripting. An authenticated victim, who accesses a specially crafted malicious URL, would unknowingly execute the attached payload.
Nagios Nagios Xi
9
CVSSv2
CVE-2021-3273
Nagios XI below 5.7 is affected by code injection in the /nagiosxi/admin/graphtemplates.php component. To exploit this vulnerability, someone must have an admin user account in Nagios XI's web system.
Nagios Nagios Xi
NA
CVE-2022-38247
Nagios XI v5.8.6 exists to contain a cross-site scripting (XSS) vulnerability via the System Settings page under the Admin panel.
Nagios Nagios Xi 5.8.6
NA
CVE-2022-38249
Nagios XI v5.8.6 exists to contain a cross-site scripting (XSS) vulnerability via the MTR component in version 1.0.4.
Nagios Nagios Xi 5.8.6
NA
CVE-2022-38250
Nagios XI v5.8.6 exists to contain a SQL injection vulnerability via the mib_name parameter at the Manage MIBs page.
Nagios Nagios Xi 5.8.6
NA
CVE-2022-38251
Nagios XI v5.8.6 exists to contain a cross-site scripting (XSS) vulnerability via the System Performance Settings page under the Admin panel.
Nagios Nagios Xi 5.8.6
6.5
CVSSv2
CVE-2018-15709
Nagios XI 5.5.6 allows remote authenticated malicious users to execute arbitrary commands via a crafted HTTP request.
Nagios Nagios Xi 5.5.6
6.5
CVSSv2
CVE-2018-15711
Nagios XI 5.5.6 allows remote authenticated malicious users to reset and regenerate the API key of more privileged users. The attacker can then use the new API key to execute API calls at elevated privileges.
Nagios Nagios Xi 5.5.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »