vendor:
NagiosQL
by:
ThE TiGeR
7.5
CVSS
HIGH
Remote File Inclusion
Not provided
CWE
Product Name: NagiosQL
Affected Version From: Not provided
Affected Version To: Not provided
Patch Exists: NO
Related CWE: Not provided
CPE: Not provided
Platforms Tested: Not provided
2007
NagiosQL Remote file inclusion
This exploit allows an attacker to include a remote file in the NagiosQL application. By manipulating the 'prepend_adm.php' file, the attacker can execute arbitrary code or gain unauthorized access to the system. The vulnerability was discovered by ThE TiGeR.
Mitigation:
Apply the latest patches and updates for NagiosQL. Ensure that the application is properly configured and access to sensitive files is restricted.