Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
centreon centreon vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-40043
Centreon v20.10.18 exists to contain a SQL injection vulnerability via the esc_name (Escalation Name) parameter at Configuration/Notifications/Escalations.
Centreon Centreon 20.10.18
5.4
CVSSv3
CVE-2022-36194
Centreon 22.04.0 is vulnerable to Cross Site Scripting (XSS) from the function Pollers > Broker Configuration by adding a crafted payload into the name parameter.
Centreon Centreon 22.04.0
8.8
CVSSv3
CVE-2019-15300
A problem was found in Centreon Web up to and including 19.04.3. An authenticated SQL injection is present in the page include/Administration/parameters/ldap/xml/ldap_host.php. The arId parameter is not properly filtered before being passed to the SQL query.
Centreon Centreon Web
8.8
CVSSv3
CVE-2019-17501
Centreon 19.04 allows malicious users to execute arbitrary OS commands via the Command Line field of main.php?p=60807&type=4 (aka the Configuration > Commands > Discovery screen). CVE-2019-17501 and CVE-2019-16405 are similar to one another and may be the same.
Centreon Centreon 19.04.0
8.8
CVSSv3
CVE-2019-15298
A problem was found in Centreon Web up to and including 19.04.3. An authenticated command injection is present in the page include/configuration/configObject/traps-mibs/formMibs.php. This page is called from the Centreon administration interface. This is the mibs management featu...
Centreon Centreon Web
8.8
CVSSv3
CVE-2019-15299
An issue exists in Centreon Web up to and including 19.04.3. When a user changes his password on his profile page, the contact_autologin_key field in the database becomes blank when it should be NULL. This makes it possible to partially bypass authentication.
Centreon Centreon Web
8.8
CVSSv3
CVE-2019-13024
Centreon 18.x prior to 18.10.6, 19.x prior to 19.04.3, and Centreon web prior to 2.8.29 allows the malicious user to execute arbitrary system commands by using the value "init_script"-"Monitoring Engine Binary" in main.get.php to insert a arbitrary command int...
Centreon Centreon 19.04.0
1 EDB exploit
4 Github repositories
7.2
CVSSv3
CVE-2022-34871
This vulnerability allows remote malicious users to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the configuration of poller resources. The issue results from the lack of prope...
Centreon Centreon 21.10.2
8.8
CVSSv3
CVE-2020-22425
Centreon 19.10-3.el7 is affected by a SQL injection vulnerability, where an authorized user is able to inject additional SQL queries to perform remote command execution.
Centreon Centreon 19.10
8.8
CVSSv3
CVE-2018-21021
img_gantt.php in Centreon Web prior to 2.8.27 allows malicious users to perform SQL injections via the host_id parameter.
Centreon Centreon Web
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »