漏洞描述
Nagios Network Analyzer 2.4.3 之前的版本中存在 SQL 注入漏洞,参数为 o[col],接口为 api/checks/read/。
Nagios Network Analyzer SQL 注入漏洞(CVE-2021-28925)
PoC代码
暂无相关漏洞推荐
- (CVE-2025-4617)Palo Alto Networks Prisma Browser截图控制绕过漏洞
- (CVE-2025-4618)Palo Alto Networks Prisma Browser敏感信息泄露漏洞
- CVE-2023-20888: VMware Aria Operations for Networks - Remote Code Execution
- Network Technologies Inc ENVIROMUX存在默认口令
- POC CVE-2012-4889: ManageEngine Firewall Analyzer 7.2 - Cross-Site Scripting
- POC CVE-2013-3526: WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting
- POC CVE-2015-7780: ManageEngine Firewall Analyzer <8.0 - Local File Inclusion
- POC CVE-2017-15944: Palo Alto Network PAN-OS - Remote Code Execution
- POC CVE-2017-4011: McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting
- POC CVE-2018-10141: Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting
- POC CVE-2018-10735: NagiosXI <= 5.4.12 `commandline.php` SQL injection
- POC CVE-2018-10736: NagiosXI <= 5.4.12 - SQL injection
- POC CVE-2018-10737: NagiosXI <= 5.4.12 logbook.php SQL injection