Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
centreon centreon vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-13252
Centreon prior to 19.04.15 allows remote malicious users to execute arbitrary OS commands by placing shell metacharacters in RRDdatabase_status_path (via a main.get.php request) and then visiting the include/views/graphs/graphStatus/displayServiceStatus.php page.
Centreon Centreon
1 Github repository
9.8
CVSSv3
CVE-2018-21024
licenseUpload.php in Centreon Web prior to 2.8.27 allows malicious users to upload arbitrary files via a POST request.
Centreon Centreon
8.8
CVSSv3
CVE-2022-42428
This vulnerability allows remote malicious users to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller broker configuration. The issue resul...
Centreon Centreon
8.8
CVSSv3
CVE-2019-17642
An issue exists in Centreon prior to 18.10.8, 19.10.1, and 19.04.2. It allows CSRF with resultant remote command execution via shell metacharacters in a POST to centreon-autodiscovery-server/views/scan/ajax/call.php in the Autodiscovery plugin.
Centreon Centreon
7.5
CVSSv3
CVE-2019-17644
An issue exists in Centreon prior to 2.8-30, 18.10-8, 19.04-5, and 19.10-2.. It provides sensitive information via an unauthenticated direct request for include/configuration/configObject/host/refreshMacroAjax.php.
Centreon Centreon
7.5
CVSSv3
CVE-2019-17645
An issue exists in Centreon prior to 2.8.31, 18.10.9, 19.04.6, and 19.10.3. It provides sensitive information via an unauthenticated direct request for include/configuration/configObject/service/refreshMacroAjax.php.
Centreon Centreon
7.5
CVSSv3
CVE-2019-17646
An issue exists in Centreon prior to 18.10.8, 19.04.5, and 19.10.2. It provides sensitive information via an unauthenticated direct request for api/external.php?object=centreon_metric&action=listByService.
Centreon Centreon
9.8
CVSSv3
CVE-2019-17647
An issue exists in Centreon prior to 2.8.30, 18.10.8, 19.04.5, and 19.10.2. SQL Injection exists via the include/monitoring/status/Hosts/xml/hostXML.php instance parameter.
Centreon Centreon
7.2
CVSSv3
CVE-2019-19699
There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software up to and including 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed ...
Centreon Centreon
3 Github repositories
6.5
CVSSv3
CVE-2019-19486
Local File Inclusion in minPlayCommand.php in Centreon (19.04.4 and below) allows an malicious user to traverse paths via a plugin test.
Centreon Centreon
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »