Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
centreon centreon vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2019-19487
Command Injection in minPlayCommand.php in Centreon (19.04.4 and below) allows an malicious user to achieve command injection via a plugin test.
Centreon Centreon
NA
CVE-2022-3827
A vulnerability was found in centreon. It has been declared as critical. This vulnerability affects unknown code of the file formContactGroup.php of the component Contact Groups Form. The manipulation of the argument cg_id leads to sql injection. The attack can be initiated remot...
Centreon Centreon
4.3
CVSSv2
CVE-2018-19280
Centreon 3.4.x (fixed in Centreon 18.10.0) has XSS via the resource name or macro expression of a poller macro.
Centreon Centreon
3.5
CVSSv2
CVE-2018-19311
Centreon 3.4.x (fixed in Centreon 18.10.0) allows XSS via the Service field to the main.php?p=20201 URI, as demonstrated by the "Monitoring > Status Details > Services" screen.
Centreon Centreon
6.5
CVSSv2
CVE-2018-19312
Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.24) allows SQL Injection via the searchVM parameter to the main.php?p=20408 URI.
Centreon Centreon
NA
CVE-2022-42429
This vulnerability allows remote malicious users to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller broker configuration. The issue resul...
Centreon Centreon
9
CVSSv2
CVE-2020-9463
Centreon 19.10 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the server_ip field in JSON data in an api/internal.php?object=centreon_configuration_remote request.
Centreon Centreon 19.10
9
CVSSv2
CVE-2019-17501
Centreon 19.04 allows malicious users to execute arbitrary OS commands via the Command Line field of main.php?p=60807&type=4 (aka the Configuration > Commands > Discovery screen). CVE-2019-17501 and CVE-2019-16405 are similar to one another and may be the same.
Centreon Centreon 19.04.0
NA
CVE-2022-39988
A cross-site scripting (XSS) vulnerability in Centreon 22.04.0 allows malicious users to execute arbitrary web script or HTML via a crafted payload injected into the Service>Templates service_alias parameter.
Centreon Centreon 22.04.0
NA
CVE-2022-40043
Centreon v20.10.18 exists to contain a SQL injection vulnerability via the esc_name (Escalation Name) parameter at Configuration/Notifications/Escalations.
Centreon Centreon 20.10.18
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »