Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
centreon web vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-0637
Centreon updateDirectory SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within ...
NA
CVE-2024-23115
Centreon updateGroups SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
NA
CVE-2024-23116
Centreon updateLCARelation SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists withi...
5.4
CVSSv3
CVE-2022-39988
A cross-site scripting (XSS) vulnerability in Centreon 22.04.0 allows malicious users to execute arbitrary web script or HTML via a crafted payload injected into the Service>Templates service_alias parameter.
Centreon Centreon 22.04.0
5.4
CVSSv3
CVE-2022-40044
Centreon v20.10.18 exists to contain a cross-site scripting (XSS) vulnerability via the esc_name (Escalation Name) parameter at Configuration/Notifications/Escalations. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via injecting a crafted payl...
Centreon Centreon 20.10.18
8.8
CVSSv3
CVE-2021-28053
An issue exists in Centreon-Web in Centreon Platform 20.10.0. A SQL injection vulnerability in "Configuration > Users > Contacts / Users" allows remote authenticated users to execute arbitrary SQL commands via the Additional Information parameters.
Centreon Centreon 20.10.0
5.4
CVSSv3
CVE-2021-28054
An issue exists in Centreon-Web in Centreon Platform 20.10.0. A Stored Cross-Site Scripting (XSS) issue in "Configuration > Hosts" allows remote authenticated users to inject arbitrary web script or HTML via the Alias parameter.
Centreon Centreon 20.10.0
6.5
CVSSv3
CVE-2021-26804
Insecure Permissions in Centreon Web versions 19.10.18, 20.04.8, and 20.10.2 allows remote malicious users to bypass validation by changing any file extension to ".gif", then uploading it in the "Administration/ Parameters/ Images" section of the application.
Centreon Centreon Web 19.10.18
Centreon Centreon Web 20.04.8
Centreon Centreon Web 20.10.2
6.5
CVSSv3
CVE-2021-28055
An issue exists in Centreon-Web in Centreon Platform 20.10.0. The anti-CSRF token generation is predictable, which might allow CSRF attacks that add an admin user.
Centreon Centreon 20.10.0
6.1
CVSSv3
CVE-2020-13627
Cross-site scripting (XSS) vulnerability allows remote malicious users to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitorin...
Centreon Centreon Host-monitoring Widget
Centreon Centreon Tactical-overview Widget
Centreon Centreon Service-monitoring Widget
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »