Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-40931

Disclosure Date: September 19, 2023 (last updated October 08, 2023)
A SQL injection vulnerability in Nagios XI from version 5.11.0 up to and including 5.11.1 allows authenticated attackers to execute arbitrary SQL commands via the ID parameter in the POST request to /nagiosxi/admin/banner_message-ajaxhelper.php
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0