Lucene search
K

6 matches found

CNNVD
CNNVD
added 2025/10/14 12:0 a.m.6 views

Centreon 安全漏洞

Centreon is a set of open source system monitoring tools from the French company Centreon . The product provides monitoring capabilities for resources such as networks, systems and applications. A security vulnerability exists in Centreon versions 24.10.0 through 24.10.13, 24.04.0 through 24.04.1...

6.8CVSS5.8AI score0.00235EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/26 12:0 a.m.6 views

PT-2025-34768 · Mahara · Mahara

Name of the Vulnerable Software and Affected Versions: Mahara versions 24.04 through 24.04.0 Mahara versions 23.04 through 23.04.5 Description: Certain conditions on the 'Current submissions' page Administration - Groups - Submissions can lead to information disclosure to an institution...

9.1CVSS6.9AI score0.00302EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/08/24 7:26 p.m.5 views

CVE-2025-4650

User with high privileges is able to introduce a SQLi using the Meta Service indicator page. Caused by an Improper Neutralization of Special Elements used in an SQL Command.This issue affects web: from 24.10.0 before 24.10.9, from 24.04.0 before 24.04.16, from 23.10.0 before 23.10.26...

7.2CVSS7.8AI score0.00381EPSS
Exploits0References1
OSV
OSV
added 2025/08/22 6:56 p.m.7 views

CVE-2025-6791 Second order SQL injection available to user with low privilege

In the monitoring event logs page, it is possible to alter the http request to insert a reflect payload in the DB. Caused by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Centreon web Monitoring event logs modules allows SQL Injection.This...

8.8CVSS7.3AI score0.00308EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/08/22 6:50 p.m.4 views

CVE-2025-4650 User with high privileges is able to introduce a SQLi using the Meta Service indicator page

User with high privileges is able to introduce a SQLi using the Meta Service indicator page. Caused by an Improper Neutralization of Special Elements used in an SQL Command.This issue affects web: from 24.10.0 before 24.10.9, from 24.04.0 before 24.04.16, from 23.10.0 before 23.10.26...

7.2CVSS7AI score0.00381EPSS
Exploits0References2
CVE
CVE
added 2025/08/22 6:50 p.m.16 views

CVE-2025-4650

Centreon Web SQL Injection (CVE-2025-4650) affects Centreon Web via the Meta Service indicator page. The root cause is improper neutralization of special elements in an SQL command, enabling a high-privilege attacker to perform a SQLi without user interaction. Affected versions include web 23.10....

7.2CVSS7.1AI score0.00381EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder