CVE-2016-15050 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Nagios XI versions prior to 5.2.4 contain a SQL injection vulnerability in the notification search functionality. User-supplied search parameters were incorpora…
High CVSS: 8.7

CVE-2016-15050

Nagios XI versions prior to 5.2.4 contain a SQL injection vulnerability in the notification search functionality. User-supplied search parameters were incorporated into SQL statements without adequate parameterization or sanitation, allowing an authenticated user to manipulate database queries. Successful exploitation could disclose or modify notification data and, in some cases, impact the application database more broadly.
Vendor
Nagios
Product
Nagios Xi
CWE
CWE-89
Yayın Tarihi
2025-10-30 22:15:36
Güncelleme
2025-11-05 18:27:39
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-89 Nagios Xi HIGH Nagios 2025

Referanslar

https://www.nagios.com/changelog/nagios-xi/ https://www.vulncheck.com/advisories/nagios-xi-sqli-in-notification-search