Product:

Nagios_xi

(Nagios)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 96
Date Id Summary Products Score Patch Annotated
2020-11-16 CVE-2020-28648 Improper input validation in the Auto-Discovery component of Nagios XI before 5.7.5 allows an authenticated attacker to execute remote code. Nagios_xi 8.8
2019-03-28 CVE-2019-9164 Command injection in Nagios XI before 5.5.11 allows an authenticated users to execute arbitrary remote commands via a new autodiscovery job. Nagios_xi 8.8
2019-03-28 CVE-2019-9165 SQL injection vulnerability in Nagios XI before 5.5.11 allows attackers to execute arbitrary SQL commands via the API when using fusekeys and malicious user id. Nagios_xi 9.8
2019-03-28 CVE-2019-9166 Privilege escalation in Nagios XI before 5.5.11 allows local attackers to elevate privileges to root via write access to config.inc.php and import_xiconfig.php. Nagios_xi 7.8
2019-03-28 CVE-2019-9167 Cross-site scripting (XSS) vulnerability in Nagios XI before 5.5.11 allows attackers to inject arbitrary web script or HTML via the xiwindow parameter. Nagios_xi 6.1
2022-09-07 CVE-2022-38247 Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the System Settings page under the Admin panel. Nagios_xi 4.8
2022-09-07 CVE-2022-38248 Nagios XI before v5.8.7 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities at auditlog.php. Nagios_xi 6.1
2022-09-07 CVE-2022-38249 Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the MTR component in version 1.0.4. Nagios_xi 6.1
2022-09-07 CVE-2022-38250 Nagios XI v5.8.6 was discovered to contain a SQL injection vulnerability via the mib_name parameter at the Manage MIBs page. Nagios_xi 9.8
2022-09-07 CVE-2022-38251 Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the System Performance Settings page under the Admin panel. Nagios_xi 4.8