CVE-2016-15050
30.10.2025, 22:15
Nagios XI versions prior to5.2.4 containa SQL injection vulnerability in the notification search functionality. User-supplied search parameters were incorporated into SQL statements without adequate parameterization or sanitation, allowing an authenticated user to manipulate database queries. Successful exploitation could disclose or modify notification data and, in some cases, impact the application database more broadly.
Awaiting analysis
This vulnerability is currently awaiting analysis.