Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
centreon vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-42429
This vulnerability allows remote malicious users to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller broker configuration. The issue resul...
Centreon Centreon
9.8
CVSSv3
CVE-2019-16194
SQL injection vulnerabilities in Centreon up to and including 19.04 allow attacks via the svc_id parameter in include/monitoring/status/Services/xml/makeXMLForOneService.php.
Centreon Centreon
6.1
CVSSv3
CVE-2019-16195
Centreon prior to 2.8.30, 18.x prior to 18.10.8, and 19.x prior to 19.04.5 allows XSS via myAccount alias and name fields.
Centreon Centreon
8.8
CVSSv3
CVE-2021-37556
A SQL injection vulnerability in reporting export in Centreon prior to 20.04.14, 20.10.8, and 21.04.2 allows remote authenticated (but low-privileged) malicious users to execute arbitrary SQL commands via the include/reporting/dashboard/csvExport/csv_HostGroupLogs.php start and e...
Centreon Centreon
8.8
CVSSv3
CVE-2021-37557
A SQL injection vulnerability in image generation in Centreon prior to 20.04.14, 20.10.8, and 21.04.2 allows remote authenticated (but low-privileged) malicious users to execute arbitrary SQL commands via the include/views/graphs/generateGraphs/generateImage.php index parameter.
Centreon Centreon
7.8
CVSSv3
CVE-2019-20327
Insecure permissions in cwrapper_perl in Centreon Infrastructure Monitoring Software up to and including 19.10 allow local malicious users to gain privileges. (cwrapper_perl is a setuid executable allowing execution of Perl scripts with root privileges.)
Centreon Centreon
5.4
CVSSv3
CVE-2022-36194
Centreon 22.04.0 is vulnerable to Cross Site Scripting (XSS) from the function Pollers > Broker Configuration by adding a crafted payload into the name parameter.
Centreon Centreon 22.04.0
8.8
CVSSv3
CVE-2020-9463
Centreon 19.10 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the server_ip field in JSON data in an api/internal.php?object=centreon_configuration_remote request.
Centreon Centreon 19.10
5.4
CVSSv3
CVE-2022-39988
A cross-site scripting (XSS) vulnerability in Centreon 22.04.0 allows malicious users to execute arbitrary web script or HTML via a crafted payload injected into the Service>Templates service_alias parameter.
Centreon Centreon 22.04.0
8.8
CVSSv3
CVE-2022-40043
Centreon v20.10.18 exists to contain a SQL injection vulnerability via the esc_name (Escalation Name) parameter at Configuration/Notifications/Escalations.
Centreon Centreon 20.10.18
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »