CVE-2019-20327

Insecure permissions in cwrapperperl in Centreon Infrastructure Monitoring Software through 19.10 allow local attackers to gain privileges. cwrapperperl is a setuid executable allowing execution of Perl scripts with root privileges...

CVE-2024-39843

A SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to execute arbitrary SQL command via create user form inputs...

EUVD-2012-5841

Malware in sbrugna...

The vulnerability of the centreon-web component of the Centreon software for monitoring IT infrastructure allows a perpetrator to enhance their privileges and execute arbitrary code.

The vulnerability of the centreon-web component of the IT infrastructure monitoring software relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary code using a specially...

CVE-2019-19699

There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed by root at 22:30 every day. T...

PT-2025-17722 · Centreon · Centreon Web

Name of the Vulnerable Software and Affected Versions: Centreon centreon-web versions 22.10.0 through 22.10.27 Centreon centreon-web versions 23.04.0 through 23.04.24 Centreon centreon-web versions 23.10.0 through 23.10.19 Centreon centreon-web versions 24.04.0 through 24.04.9 Centreon centreon-w...

CVE-2022-34871

This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the configuration of poller resources. The issue results from the lack of proper validation of a...

CVE-2024-39842

A SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to execute arbitrary SQL command via user massive changes inputs...

The vulnerability of the testServiceExistence() function in the software for monitoring IT infrastructure of Centreon allows a hacker to execute arbitrary code.

The vulnerability of the testServiceExistence function in the Centreon IT infrastructure monitoring software is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Centreon 安全漏洞

Centreon Merethis Centreon is a set of open source system monitoring tools from the French company Centreon . The product provides monitoring capabilities for network, system and application resources. A security vulnerability exists in Centreon that stems from the presence of a cross-site...

CVE-2022-3827

A vulnerability was found in centreon. It has been declared as critical. This vulnerability affects unknown code of the file formContactGroup.php of the component Contact Groups Form. The manipulation of the argument cgid leads to sql injection. The attack can be initiated remotely. The name of t...

Command Injection

centreon/centreon is vulnerable to command injection. The vulnerability exists due to the lack of sanitization of the name input via the getList function...

Centreon 19.10.5 - (centreontrapd) Remote Command Execution Exploit

Exploit for php platform in category web applications Exploit Title: Centreon 19.10.5 - 'centreontrapd' Remote Command Execution Exploit Author: Fabien AUNAY, Omri Baso Vendor Homepage: https://www.centreon.com/ Software Link: https://github.com/centreon/centreon Version: 19.10.5 Tested on: CentO...

Centreon SQL Injection Vulnerability

Centreon formerly known as Merethis Centreon is an open source IT monitoring software suite from Centreon France that needs to be paired with Nagios to manage Nagios via the web and third-party components to enable monitoring of networks, operating systems and applications. A SQL injection...

Centreon Enterprise Server 2.3.3-2.3.9-4 - Blind SQL Injection Exploit

No description provided by source. !/usr/bin/env python Exploit Title: Centreon 2.3.3 - 2.3.9-4 menuXML.php Blind SQL Injection Exploit Disclosure Date: December 12, 2012 Author: modpr0be @modpr0be Platform: Linux Tested on: Centreon Enterprise Server with Centreon 2.3.9-4 on CentOS 5.5 x8664 Fin...

Centreon <= 1.4.2.3 (index.php) Remote File Disclosure

Info: Software: Centreon = 1.4.2.3 HomePage: http://www.centreon.com Exploit: Remote File Disclosure High Where: include/doc/index.php Bug Found By: Jose Luis Gуngora Fernбndez|JosS Contact: sys-projectathotmail.com Web: http://www.spanish-hackers.com Spanish Hackers Team SHT + Bug In...