Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
centreon vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-17645
An issue exists in Centreon prior to 2.8.31, 18.10.9, 19.04.6, and 19.10.3. It provides sensitive information via an unauthenticated direct request for include/configuration/configObject/service/refreshMacroAjax.php.
Centreon Centreon
7.5
CVSSv2
CVE-2019-17647
An issue exists in Centreon prior to 2.8.30, 18.10.8, 19.04.5, and 19.10.2. SQL Injection exists via the include/monitoring/status/Hosts/xml/hostXML.php instance parameter.
Centreon Centreon
6.5
CVSSv2
CVE-2018-19312
Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.24) allows SQL Injection via the searchVM parameter to the main.php?p=20408 URI.
Centreon Centreon
5
CVSSv2
CVE-2019-17644
An issue exists in Centreon prior to 2.8-30, 18.10-8, 19.04-5, and 19.10-2.. It provides sensitive information via an unauthenticated direct request for include/configuration/configObject/host/refreshMacroAjax.php.
Centreon Centreon
5
CVSSv2
CVE-2019-17646
An issue exists in Centreon prior to 18.10.8, 19.04.5, and 19.10.2. It provides sensitive information via an unauthenticated direct request for api/external.php?object=centreon_metric&action=listByService.
Centreon Centreon
7.5
CVSSv2
CVE-2015-1560
SQL injection vulnerability in the isUserAdmin function in include/common/common-Func.php in Centreon (formerly Merethis Centreon) 2.5.4 and previous versions (fixed in Centreon web 2.7.0) allows remote malicious users to execute arbitrary SQL commands via the sid parameter to in...
Centreon Centreon
1 EDB exploit
3 Github repositories
6.5
CVSSv2
CVE-2015-1561
The escape_command function in include/Administration/corePerformance/getStats.php in Centreon (formerly Merethis Centreon) 2.5.4 and previous versions (fixed in Centreon 19.10.0) uses an incorrect regular expression, which allows remote authenticated users to execute arbitrary c...
Centreon Centreon
1 EDB exploit
3 Github repositories
5.8
CVSSv2
CVE-2019-19484
Open redirect via parameter ‘p’ in login.php in Centreon (19.04.4 and below) allows an malicious user to craft a payload and execute unintended behavior.
Centreon Centreon
4
CVSSv2
CVE-2019-19486
Local File Inclusion in minPlayCommand.php in Centreon (19.04.4 and below) allows an malicious user to traverse paths via a plugin test.
Centreon Centreon
6.5
CVSSv2
CVE-2019-19487
Command Injection in minPlayCommand.php in Centreon (19.04.4 and below) allows an malicious user to achieve command injection via a plugin test.
Centreon Centreon
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »