Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
centreon vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-13628
Cross-site scripting (XSS) vulnerability allows remote malicious users to inject arbitrary web script or HTML via the widgetId parameter to host-monitoring/src/toolbar.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring...
Centreon Centreon Host-monitoring Widget
Centreon Centreon Tactical-overview Widget
Centreon Centreon Service-monitoring Widget
668
VMScore
CVE-2018-11587
There is Remote Code Execution in Centreon 3.4.6 including Centreon Web 2.8.23 via the RPN value in the Virtual Metric form in centreonGraph.class.php.
Centreon Centreon Web 2.8.23
Centreon Centreon 3.4.6
312
VMScore
CVE-2018-11588
Centreon 3.4.6 including Centreon Web 2.8.23 is vulnerable to an authenticated user injecting a payload into the username or command description, resulting in stored XSS. This is related to www/include/core/menu/menu.php and www/include/configuration/configObject/command/formArgu...
Centreon Centreon Web 2.8.23
Centreon Centreon 3.4.6
668
VMScore
CVE-2018-11589
Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Centreon Web 2.8.23 allow attacks via the searchU parameter in viewLogs.php, the id parameter in GetXmlHost.php, the chartId parameter in ExportCSVServiceData.php, the searchCurve parameter in listComponentTemplat...
Centreon Centreon Web 2.8.23
Centreon Centreon 3.4.6
655
VMScore
CVE-2012-5967
SQL injection vulnerability in menuXML.php in Centreon 2.3.3 up to and including 2.3.9-4 (fixed in Centreon web 2.6.0) allows remote authenticated users to execute arbitrary SQL commands via the menu parameter.
Merethis Centreon 2.3.3
Merethis Centreon 2.3.5
Merethis Centreon 2.3.9-4
Merethis Centreon 2.3.6
Merethis Centreon 2.3.7
Merethis Centreon 2.3.8
Merethis Centreon 2.3.9
Merethis Centreon 2.3.4
1 EDB exploit
294
VMScore
CVE-2020-10945
Centreon prior to 19.10.7 exposes Session IDs in server responses.
Centreon Centreon
Centreon Widget-host-monitoring
Centreon Widget-host-monitoring 19.10.0
801
VMScore
CVE-2020-13252
Centreon prior to 19.04.15 allows remote malicious users to execute arbitrary OS commands by placing shell metacharacters in RRDdatabase_status_path (via a main.get.php request) and then visiting the include/views/graphs/graphStatus/displayServiceStatus.php page.
Centreon Centreon
1 Github repository
756
VMScore
CVE-2015-1560
SQL injection vulnerability in the isUserAdmin function in include/common/common-Func.php in Centreon (formerly Merethis Centreon) 2.5.4 and previous versions (fixed in Centreon web 2.7.0) allows remote malicious users to execute arbitrary SQL commands via the sid parameter to in...
Centreon Centreon
1 EDB exploit
3 Github repositories
656
VMScore
CVE-2015-1561
The escape_command function in include/Administration/corePerformance/getStats.php in Centreon (formerly Merethis Centreon) 2.5.4 and previous versions (fixed in Centreon 19.10.0) uses an incorrect regular expression, which allows remote authenticated users to execute arbitrary c...
Centreon Centreon
1 EDB exploit
3 Github repositories
605
VMScore
CVE-2019-17642
An issue exists in Centreon prior to 18.10.8, 19.10.1, and 19.04.2. It allows CSRF with resultant remote command execution via shell metacharacters in a POST to centreon-autodiscovery-server/views/scan/ajax/call.php in the Autodiscovery plugin.
Centreon Centreon
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »