Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
centreon centreon web vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2018-21025
In Centreon VM up to and including 19.04.3, centreon-backup.pl allows malicious users to become root via a crafted script, due to incorrect rights of sourced configuration files.
Centreon Centreon Vm
445
VMScore
CVE-2019-17104
In Centreon VM up to and including 19.04.3, the cookie configuration within the Apache HTTP Server does not protect against theft because the HTTPOnly flag is not set.
Centreon Centreon Vm
383
VMScore
CVE-2020-10946
Cross-site scripting (XSS) vulnerability allows remote malicious users to inject arbitrary web script or HTML via the page parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring wi...
Centreon Centreon Host-monitoring Widget
Centreon Centreon Tactical-overview Widget
Centreon Centreon Service-monitoring Widget
383
VMScore
CVE-2020-13627
Cross-site scripting (XSS) vulnerability allows remote malicious users to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitorin...
Centreon Centreon Host-monitoring Widget
Centreon Centreon Tactical-overview Widget
Centreon Centreon Service-monitoring Widget
383
VMScore
CVE-2020-13628
Cross-site scripting (XSS) vulnerability allows remote malicious users to inject arbitrary web script or HTML via the widgetId parameter to host-monitoring/src/toolbar.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring...
Centreon Centreon Host-monitoring Widget
Centreon Centreon Tactical-overview Widget
Centreon Centreon Service-monitoring Widget
655
VMScore
CVE-2012-5967
SQL injection vulnerability in menuXML.php in Centreon 2.3.3 up to and including 2.3.9-4 (fixed in Centreon web 2.6.0) allows remote authenticated users to execute arbitrary SQL commands via the menu parameter.
Merethis Centreon 2.3.3
Merethis Centreon 2.3.5
Merethis Centreon 2.3.9-4
Merethis Centreon 2.3.6
Merethis Centreon 2.3.7
Merethis Centreon 2.3.8
Merethis Centreon 2.3.9
Merethis Centreon 2.3.4
1 EDB exploit
578
VMScore
CVE-2018-19312
Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.24) allows SQL Injection via the searchVM parameter to the main.php?p=20408 URI.
Centreon Centreon
756
VMScore
CVE-2015-1560
SQL injection vulnerability in the isUserAdmin function in include/common/common-Func.php in Centreon (formerly Merethis Centreon) 2.5.4 and previous versions (fixed in Centreon web 2.7.0) allows remote malicious users to execute arbitrary SQL commands via the sid parameter to in...
Centreon Centreon
1 EDB exploit
3 Github repositories
802
VMScore
CVE-2019-19699
There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software up to and including 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed ...
Centreon Centreon
3 Github repositories
312
VMScore
CVE-2021-28054
An issue exists in Centreon-Web in Centreon Platform 20.10.0. A Stored Cross-Site Scripting (XSS) issue in "Configuration > Hosts" allows remote authenticated users to inject arbitrary web script or HTML via the Alias parameter.
Centreon Centreon 20.10.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »