6 matches found
Centreon 安全漏洞
Centreon is a set of open source system monitoring tools from the French company Centreon . The product provides monitoring capabilities for resources such as networks, systems and applications. A security vulnerability exists in Centreon versions 24.10.0 through 24.10.13, 24.04.0 through 24.04.1...
PT-2025-34768 · Mahara · Mahara
Name of the Vulnerable Software and Affected Versions: Mahara versions 24.04 through 24.04.0 Mahara versions 23.04 through 23.04.5 Description: Certain conditions on the 'Current submissions' page Administration - Groups - Submissions can lead to information disclosure to an institution...
CVE-2025-4650
User with high privileges is able to introduce a SQLi using the Meta Service indicator page. Caused by an Improper Neutralization of Special Elements used in an SQL Command.This issue affects web: from 24.10.0 before 24.10.9, from 24.04.0 before 24.04.16, from 23.10.0 before 23.10.26...
CVE-2025-6791 Second order SQL injection available to user with low privilege
In the monitoring event logs page, it is possible to alter the http request to insert a reflect payload in the DB. Caused by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Centreon web Monitoring event logs modules allows SQL Injection.This...
CVE-2025-4650 User with high privileges is able to introduce a SQLi using the Meta Service indicator page
User with high privileges is able to introduce a SQLi using the Meta Service indicator page. Caused by an Improper Neutralization of Special Elements used in an SQL Command.This issue affects web: from 24.10.0 before 24.10.9, from 24.04.0 before 24.04.16, from 23.10.0 before 23.10.26...
CVE-2025-4650
Centreon Web SQL Injection (CVE-2025-4650) affects Centreon Web via the Meta Service indicator page. The root cause is improper neutralization of special elements in an SQL command, enabling a high-privilege attacker to perform a SQLi without user interaction. Affected versions include web 23.10....