Full title: Nagios XI 2012R1.5b XSS / Command Execution / SQL Injection / CSRF 
Category: web applications
Platform: php
Nagios XI version 2012R1.5b suffers from cross site request forgery, cross site scripting, remote command injection, and remote SQL injection vulnerabilities.

# 0day.today @ http://0day.today/