Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
centreon centreon vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2008-1179
Multiple cross-site scripting (XSS) vulnerabilities in include/common/javascript/color_picker.php in Centreon 1.4.2.3 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) name and (2) title parameters. NOTE: some of these details a...
Centreon Centreon
Centreon Centreon 1.4.2
Centreon Centreon 1.4.1
Centreon Centreon 1.4.2.2
Centreon Centreon 1.4.2.1
Centreon Centreon 1.4
435
VMScore
CVE-2008-1178
Directory traversal vulnerability in include/doc/index.php in Centreon 1.4.2.3 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the page parameter, a different vector than CVE-2008-1119.
Centreon Centreon 1.4.2.2
Centreon Centreon 1.4.2.1
Centreon Centreon 1.4.2
Centreon Centreon
Centreon Centreon 1.4.1
Centreon Centreon 1.4
1 EDB exploit
505
VMScore
CVE-2008-1119
Directory traversal vulnerability in include/doc/get_image.php in Centreon 1.4.2.3 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the img parameter.
Centreon Centreon
Centreon Centreon 1.4.2.2
Centreon Centreon 1.4.1
Centreon Centreon 1.4
Centreon Centreon 1.4.2.1
Centreon Centreon 1.4.2
1 EDB exploit
655
VMScore
CVE-2011-4431
Directory traversal vulnerability in main.php in Merethis Centreon prior to 2.3.2 allows remote authenticated users to execute arbitrary commands via a .. (dot dot) in the command_name parameter.
Merethis Centreon 1.4
Merethis Centreon 1.4.2.5
Merethis Centreon 1.4.2.6
Merethis Centreon 1.4.2.7
Merethis Centreon 2.0
Merethis Centreon 2.1.10
Merethis Centreon 2.1.11
Merethis Centreon 2.1.7
Merethis Centreon 2.1.8
Merethis Centreon 2.2
Merethis Centreon 2.3.0
Merethis Centreon 1.4.2.3
Merethis Centreon 1.4.2.4
Merethis Centreon 2.1.0
Merethis Centreon 2.1.1
Merethis Centreon 2.1.4
Merethis Centreon 2.1.5
Merethis Centreon 2.1.6
Merethis Centreon 1.4.1
Merethis Centreon 1.4.2
Merethis Centreon 2.0.1
Merethis Centreon 2.0.2
1 EDB exploit
445
VMScore
CVE-2011-4432
www/include/configuration/nconfigObject/contact/DB-Func.php in Merethis Centreon prior to 2.3.2 does not use a salt during calculation of a password hash, which makes it easier for context-dependent malicious users to determine cleartext passwords via a rainbow-table approach.
Merethis Centreon 1.4.2.1
Merethis Centreon 1.4.2.2
Merethis Centreon 2.0
Merethis Centreon 2.1.2
Merethis Centreon 2.1.3
Merethis Centreon 2.2.1
Merethis Centreon 2.2.2
Merethis Centreon 1.4.1
Merethis Centreon 1.4.2
Merethis Centreon 2.0.1
Merethis Centreon 2.0.2
Merethis Centreon 2.1.12
Merethis Centreon 2.1.13
Merethis Centreon 2.1.9
Merethis Centreon 2.2
Merethis Centreon 2.3.0
Merethis Centreon
Merethis Centreon 1.4.2.3
Merethis Centreon 1.4.2.4
Merethis Centreon 1.4.2.5
Merethis Centreon 2.1.0
Merethis Centreon 2.1.1
890
VMScore
CVE-2009-4368
Multiple unspecified vulnerabilities in Centreon prior to 2.1.4 have unknown impact and attack vectors in the (1) ping tool, (2) traceroute tool, and (3) ldap import, possibly related to improper authentication.
Merethis Centreon 2.1.2
Merethis Centreon 2.1.1
Merethis Centreon 2.0.1
Merethis Centreon
Merethis Centreon 2.0
Merethis Centreon 2.0.2
Merethis Centreon 1.4.2.6
Merethis Centreon 1.4.2.5
Merethis Centreon 1.4.2.7
Merethis Centreon 1.4
Merethis Centreon 2.1.0
Merethis Centreon 1.4.2.2
Merethis Centreon 1.4.2.1
Merethis Centreon 1.4.2.4
Merethis Centreon 1.4.2.3
Merethis Centreon 1.4.2
Merethis Centreon 1.4.1
356
VMScore
CVE-2021-26804
Insecure Permissions in Centreon Web versions 19.10.18, 20.04.8, and 20.10.2 allows remote malicious users to bypass validation by changing any file extension to ".gif", then uploading it in the "Administration/ Parameters/ Images" section of the application.
Centreon Centreon Web 19.10.18
Centreon Centreon Web 20.04.8
Centreon Centreon Web 20.10.2
578
VMScore
CVE-2018-19271
Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.28) allows SQL Injection via the main.php searchH parameter.
Centreon Centreon 3.4.6
Centreon Centreon 3.4.1
383
VMScore
CVE-2020-13627
Cross-site scripting (XSS) vulnerability allows remote malicious users to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitorin...
Centreon Centreon Host-monitoring Widget
Centreon Centreon Tactical-overview Widget
Centreon Centreon Service-monitoring Widget
383
VMScore
CVE-2020-10946
Cross-site scripting (XSS) vulnerability allows remote malicious users to inject arbitrary web script or HTML via the page parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring wi...
Centreon Centreon Host-monitoring Widget
Centreon Centreon Tactical-overview Widget
Centreon Centreon Service-monitoring Widget
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »