This Metasploit module exploits a vulnerability found in Nagios XI Network Monitor's component 'Graph Explorer'. An authenticated user can execute system commands by injecting it in several parameters, such as in visApi.php's 'host' parameter, which results in remote code execution.
03511b3aec77711f36f512b8cfc1cc8dbd2684b2a54143164f62d0d971975ee5SysAid Helpdesk version 8.5 Pro suffers from multiple remote blind SQL injection vulnerabilities.
6b32da064f8d6d2d434491a60fd914b8e9cf99d9ceab79f915c421782d761761Nagios XI Network Monitor version 2011R1.9 suffers from a remote blind SQL injection vulnerability.
2cf56eed695230c853b7b3b4f90eb894c8c6fc9ed6af1f23249a37152923da76Nagios XI Network Monitor version 2011R1.9 suffers from OS command injection vulnerabilities.
cefe812c8837b8e434b4ea93fe2c8a19e990a7fdd85084570601625036f225c8SysAid Helpdesk Pro version 8.5.04 suffers from a stored cross site scripting vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
03c43058e177e3b91020c6e39d3d4b8fef0a48ac9173faa8dfc4180f12dd8a08SysAid Helpdesk Pro version 8.5.04 suffers from a remote blind SQL injection vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
fa0cc50d3a2adf2a8ddb3859e8fb079052be312b93323a5634d101115b058456Moodle CMS version 2.2.1 suffers from a stored cross site scripting vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
4a0870cfddbf39fd62f02df0db57dd921f34ce9e7f9ed2934dac0a28128680f8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed