Nagios XI version xi-5.7.5 is affected by cross-site scripting (XSS). The vulnerability exists …

Snoopy 1.0 in Nagios XI 5.5.6 allows remote unauthenticated attackers to execute arbitrary comm…

In Nagios XI before 5.8.6, XSS exists in the dashboard page (/dashboards/#) when administrative…

Nagios XI before 5.7.5 is vulnerable to XSS in Manage Users (Username field).

An issue was discovered in the Manage Plugins page in Nagios XI before 5.8.0. Because the line-…

Nagios XI before version 5.8.5 is vulnerable to SQL injection vulnerability in Bulk Modificatio…

Improper neutralization of special elements used in an OS command in Nagios XI 5.7.3 allows a r…

Nagios XI before 5.6.6 allows remote command execution as root. The exploit requires access to …

Nagios XI before version 5.11.3 was discovered to contain a remote code execution (RCE) vulnera…

Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the…

Nagios Host esensors_websensor_configwizard_func Command Injection Remote Code Execution Vulner…

Nagios XI 5.6.11 allows XSS via the includes/components/ldap_ad_integration/ username parameter.

Nagios XI 5.6.11 allows XSS via the account/main.php theme parameter.

Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the…

An issue was discovered in Nagios XI 5.8.5. In the Custom Includes section of the Admin panel, …

Remote command execution (RCE) vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 all…

Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote,…

Graph Explorer in Nagios XI before 5.7.2 allows XSS via the link url option.

Nagios XI 5.7.5 and earlier allows authenticated admins to upload arbitrary files due to improp…

SQL injection vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before …

Nagios XI 5.5.6 allows reflected cross site scripting from remote unauthenticated attackers via…

A privilege escalation vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an a…

Command injection in Nagios XI before 5.5.11 allows an authenticated users to execute arbitrary…

Nagios XI 5.5.6 allows local authenticated attackers to escalate privileges to root via Autodis…

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/menuaccess.php ch…

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/logbook.php txtSe…

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/info.php key1 par…

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/commandline.php c…

Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the…

SQL Injection vulnerability in Nagios XI 2024R1.01 allows a remote attacker to execute arbitrar…

An issue was discovered in Nagios XI 5.4.13. A registered user is able to use directory travers…

In Nagios XI before 5.7.3, ajaxhelper.php allows remote authenticated attackers to execute arbi…

Nagios XI 5.5.6 allows remote authenticated attackers to reset and regenerate the API key of mo…

Nagios XI before version 5.11.3 was discovered to contain a SQL injection vulnerability via the…

Nagios XI 5.6.11 allows XSS via the includes/components/ldap_ad_integration/ password parameter.

Authentication bypass vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x…

Nagios XI < 2026R1 is vulnerable to an authenticated command injection vulnerability within the…

In Nagios XI 5.6.9, XSS exists via the nocscreenapi.php host, hostgroup, or servicegroup parame…

A path traversal vulnerability exists in Nagios XI below version 5.8.5 AutoDiscovery component …

An issue was discovered in Nagios XI 5.8.5. In the Manage Dashlets section of the Admin panel, …