CVE-2023-40931

Description: A SQL injection vulnerability in Nagios XI from version 5.11.0 up to and including 5.11.1 allows authenticated attackers to execute arbitrary SQL commands via the ID parameter in the POST request to /nagiosxi/admin/banner_message-ajaxhelper.php

Link: Visit the GitHub Repository

Language: Python

Owner: G4sp4rCS

Stars: 0

Forks: 0