CyberSec.Space Logo
Back to CVE Browser

CVE-2019-9204

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1450%
EPSS Percentile19.46th
PublishedMar 28, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

SQL injection vulnerability in Nagios IM (component of Nagios XI) before 2.2.7 allows attackers to execute arbitrary SQL commands.

Affected Platforms (CPE)

πŸ“¦
Nagios

Incident Manager

< 2.2.7

References & Advisories

πŸ”— http://packetstormsecurity.com/files/152496/Nagios-XI-5.5.10-XSS-Remote-Code-Execution.html
πŸ”— https://www.nagios.com/products/security/
πŸ”— http://packetstormsecurity.com/files/152496/Nagios-XI-5.5.10-XSS-Remote-Code-Execution.html
πŸ”— https://www.nagios.com/products/security/

Related Vulnerabilities

CVE-2017-114638.8

In Ivanti Service Desk (formerly LANDESK Management Suite) versions between 2016.3 and 2017.3, an Unrestricted Direct Object Refer...

CVE-2017-11106.5

IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 contains an unspecified vulnerability that could allow an authenticated...

CVE-2019-207685.4

ServiceNow IT Service Management Kingston through Patch 14-1, London through Patch 7, and Madrid before patch 4 allow stored XSS v...

CVE-2018-24055.4

SAP Solution Manager, 7.10, 7.20, Incident Management Work Center allows an attacker to upload a malicious script as an attachment...