Centreon 2.6.x < 2.6.5 Multiple Vulnerabilities

According to its version number, the Centreon application hosted on the remote web server is version 2.6.x prior to 2.6.5. It is, therefore, affected by multiple vulnerabilities : - A cross-site request forgery XSRF vulnerability exists in the main.php script. A remote attacker can exploit this t...

Centreon 2.6.x < 2.6.2 File Upload RCE

According to its version number, the Centreon application hosted on the remote web server is 2.6.x prior to 2.6.2. It is, therefore, affected by a remote code execution vulnerability due to improper sanitization of user-uploaded files via the main.php script. An authenticated, remote attacker can...

Centreon 'insertLog()' Function RCE

The Centreon application hosted on the remote web server is affected by a remote code execution vulnerability due to a failure to properly sanitize user-supplied input before using it in a SQL query. The application uses the 'echo' system command with the PHP exec function which allows a remote,...