Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Nagios_xi
(Nagios)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 96 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-11-16 | CVE-2020-28648 | Improper input validation in the Auto-Discovery component of Nagios XI before 5.7.5 allows an authenticated attacker to execute remote code. | Nagios_xi | 8.8 | ||
2019-03-28 | CVE-2019-9164 | Command injection in Nagios XI before 5.5.11 allows an authenticated users to execute arbitrary remote commands via a new autodiscovery job. | Nagios_xi | 8.8 | ||
2019-03-28 | CVE-2019-9165 | SQL injection vulnerability in Nagios XI before 5.5.11 allows attackers to execute arbitrary SQL commands via the API when using fusekeys and malicious user id. | Nagios_xi | 9.8 | ||
2019-03-28 | CVE-2019-9166 | Privilege escalation in Nagios XI before 5.5.11 allows local attackers to elevate privileges to root via write access to config.inc.php and import_xiconfig.php. | Nagios_xi | 7.8 | ||
2019-03-28 | CVE-2019-9167 | Cross-site scripting (XSS) vulnerability in Nagios XI before 5.5.11 allows attackers to inject arbitrary web script or HTML via the xiwindow parameter. | Nagios_xi | 6.1 | ||
2022-09-07 | CVE-2022-38247 | Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the System Settings page under the Admin panel. | Nagios_xi | 4.8 | ||
2022-09-07 | CVE-2022-38248 | Nagios XI before v5.8.7 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities at auditlog.php. | Nagios_xi | 6.1 | ||
2022-09-07 | CVE-2022-38249 | Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the MTR component in version 1.0.4. | Nagios_xi | 6.1 | ||
2022-09-07 | CVE-2022-38250 | Nagios XI v5.8.6 was discovered to contain a SQL injection vulnerability via the mib_name parameter at the Manage MIBs page. | Nagios_xi | 9.8 | ||
2022-09-07 | CVE-2022-38251 | Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the System Performance Settings page under the Admin panel. | Nagios_xi | 4.8 |