13 matches found
PT-2026-20835
A blind time-based SQL injection exists in the Service Dependencies page. An authenticated user can inject arbitrary SQL via the keys of the select POST array parameter vulnerability in Centreon Centreon Infra Monitoring on Linux Service Dependencies modules allows allowing full database...
CVE-2025-12513
Centreon CVE-2025-12513 is a Stored XSS vulnerability in Centreon Infra Monitoring (Hosts configuration form modules). The root cause is improper input neutralization during web page generation. Affected are Infra Monitoring releases: 25.10.0–25.10.1, 24.10.0–24.10.14, and 24.04.0–24.04.18. Highe...
The vulnerability of the Downtime web interface component of the Centreon IT infrastructure monitoring software allows a hacker to execute arbitrary SQL queries.
The vulnerability of the Downtime web interface component of the Centreon IT infrastructure monitoring software relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...
The vulnerability of the software used to implement the hypertext environment in the Centreon IT infrastructure monitoring software allows a hacker to execute arbitrary SQL commands.
The vulnerability of the software for implementing the hypertext environment in the Centreon IT infrastructure monitoring software is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands...
Centreon host-monitoring widget, service-monitoring widget and tactical-overview widget cross-site scripting vulnerabilities (CNVD-2021-28002)
Centreon Merethis Centreon is a set of open source system monitoring tools from the French company Centreon. The product mainly provides monitoring of network , system and application resources . host-monitoring widget is one of the host monitoring widget . service-monitoring widget is one of the...
Centreon host-monitoring widget, service-monitoring widget and tactical-overview widget cross-site scripting vulnerabilities (CNVD-2021-28003)
Centreon Merethis Centreon is a set of open source system monitoring tools from the French company Centreon. The product mainly provides monitoring of network , system and application resources . host-monitoring widget is one of the host monitoring widget . service-monitoring widget is one of the...
Centreon 19.10.5 - (id) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Centreon 19.10.5 - 'id' SQL Injection Exploit Author: Basim alabdullah Vendor Homepage: https://www.centreon.com Software Link: https://download.centreon.com/ Version: v.19.10.5 Tested on: Centos 5 EXECUTIVE SUMMARY Centreon has...
Centreon 19.10.5 - 'id' SQL Injection
Exploit Title: Centreon 19.10.5 - 'id' SQL Injection Date: 2020-04-19 Exploit Author: Basim alabdullah Vendor Homepage: https://www.centreon.com Software Link: https://download.centreon.com/ Version: v.19.10.5 Tested on: Centos 5 EXECUTIVE SUMMARY Centreon has come a long way from its early roots...
Centreon 19.10.5 SQL Injection
Exploit Title: Centreon 19.10.5 - 'id' SQL Injection Date: 2020-04-19 Exploit Author: Basim alabdullah Vendor Homepage: https://www.centreon.com Software Link: https://download.centreon.com/ Version: v.19.10.5 Tested on: Centos 5 EXECUTIVE SUMMARY Centreon has come a long way from its early roots...
Centreon Infrastructure Monitoring Software Code Execution Vulnerability
Centreon Merethis Centreon is a set of open source system monitoring tools from the French company Centreon . The product mainly provides monitoring functions on the network , system and application resources . A security vulnerability exists in Centreon Infrastructure Monitoring Software version...
Remote code execution
There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed by root at 22:30 every day. T...
CVE-2019-20327
Insecure permissions in cwrapperperl in Centreon Infrastructure Monitoring Software through 19.10 allow local attackers to gain privileges. cwrapperperl is a setuid executable allowing execution of Perl scripts with root privileges...
Centreon 2.5.3 - Remote Command Execution
Centreon 2.5.3 - Remote Command Execution Unauthenticated Remote Command Execution in Centreon Web Interface ================================================================== Description =========== Centreon is a popular monitoring solution. A critical vulnerability has been found in the Centreo...