Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
centreon centreon vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2018-21025
In Centreon VM up to and including 19.04.3, centreon-backup.pl allows malicious users to become root via a crafted script, due to incorrect rights of sourced configuration files.
Centreon Centreon Vm
906
VMScore
CVE-2019-13024
Centreon 18.x prior to 18.10.6, 19.x prior to 19.04.3, and Centreon web prior to 2.8.29 allows the malicious user to execute arbitrary system commands by using the value "init_script"-"Monitoring Engine Binary" in main.get.php to insert a arbitrary command int...
Centreon Centreon 19.04.0
1 EDB exploit
4 Github repositories
356
VMScore
CVE-2019-17106
In Centreon Web up to and including 2.8.29, disclosure of external components' passwords allows authenticated malicious users to move laterally to external components.
Centreon Centreon Web
755
VMScore
CVE-2007-6485
Multiple PHP remote file inclusion vulnerabilities in Centreon 1.4.1 (aka Oreon 1.4) allow remote malicious users to execute arbitrary PHP code via a URL in the fileOreonConf parameter to (1) MakeXML.php or (2) MakeXML4statusCounter.php in include/monitoring/engine/.
Centreon Centreon 1.4.1
1 EDB exploit
312
VMScore
CVE-2021-27676
Centreon version 20.10.2 is affected by a cross-site scripting (XSS) vulnerability. The dep_description (Dependency Description) and dep_name (Dependency Name) parameters are vulnerable to stored XSS. A user has to log in and go to the Configuration > Notifications > Hosts ...
Centreon Centreon 20.10.2
578
VMScore
CVE-2021-28053
An issue exists in Centreon-Web in Centreon Platform 20.10.0. A SQL injection vulnerability in "Configuration > Users > Contacts / Users" allows remote authenticated users to execute arbitrary SQL commands via the Additional Information parameters.
Centreon Centreon 20.10.0
383
VMScore
CVE-2021-28055
An issue exists in Centreon-Web in Centreon Platform 20.10.0. The anti-CSRF token generation is predictable, which might allow CSRF attacks that add an admin user.
Centreon Centreon 20.10.0
NA
CVE-2022-34872
This vulnerability allows remote malicious users to disclose sensitive information on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of Virtual Metrics. The issue results from the lack o...
Centreon Centreon 21.10.2
NA
CVE-2022-39988
A cross-site scripting (XSS) vulnerability in Centreon 22.04.0 allows malicious users to execute arbitrary web script or HTML via a crafted payload injected into the Service>Templates service_alias parameter.
Centreon Centreon 22.04.0
NA
CVE-2022-40043
Centreon v20.10.18 exists to contain a SQL injection vulnerability via the esc_name (Escalation Name) parameter at Configuration/Notifications/Escalations.
Centreon Centreon 20.10.18
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »