Lucene search
PRIOn knowledge basePRION:CVE-2018-11589HistoryJun 25, 2018 - 6:29 p.m.
Sql injection
2018-06-2518:29:00
PRIOn knowledge base
www.prio-n.com
4
Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Centreon Web 2.8.23 allow attacks via the searchU parameter in viewLogs.php, the id parameter in GetXmlHost.php, the chartId parameter in ExportCSVServiceData.php, the searchCurve parameter in listComponentTemplates.php, or the host_id parameter in makeXML_ListMetrics.php.
| CPE | Name | Operator | Version |
|---|---|---|---|
| centreon | eq | 3.4.6 | |
| centreon_web | eq | 2.8.23 |
References
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8/centreon-2.8.24.html
github.com/centreon/centreon/pull/6250
github.com/centreon/centreon/pull/6251
github.com/centreon/centreon/pull/6255
github.com/centreon/centreon/pull/6256
github.com/centreon/centreon/pull/6257
github.com/centreon/centreon/releases
Related
nvd
nvd
CVE-2018-11589
2018-06-25 18:29:00
cve
cve
CVE-2018-11589
2018-06-25 18:29:00
cvelist
cvelist
CVE-2018-11589
2018-06-25 18:00:00
openvas
openvas
Centreon <= 2.8.23 Multiple Vulnerabilities
2018-06-27 00:00:00