22 matches found
CVE-2023-33789
A stored cross-site scripting XSS vulnerability in the Create Contact Groups /tenancy/contact-groups/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33789
A stored cross-site scripting XSS vulnerability in the Create Contact Groups /tenancy/contact-groups/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
Cross site scripting
A stored cross-site scripting XSS vulnerability in the Create Contact Groups /tenancy/contact-groups/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33789
Summary: CVE-2023-33789 is a stored XSS vulnerability affecting NetBox 3.5.1, exploitable via the Name field in the Create Contact Groups endpoint at /tenancy/contact-groups/. The issue arises from the injection of crafted payloads that can execute scripts/HTML when rendered. Public sources consi...
CVE-2023-33789
A stored cross-site scripting XSS vulnerability in the Create Contact Groups /tenancy/contact-groups/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
PT-2023-24492 · Netbox · Netbox
Name of the Vulnerable Software and Affected Versions: Netbox version 3.5.1 Description: A stored cross-site scripting XSS issue exists in the Create Contact Groups function, specifically at the /tenancy/contact-groups/ API endpoint, allowing attackers to execute arbitrary web scripts or HTML by...
CVE-2022-42427
This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the contact groups configuration page. The issue results from the lack of proper validation of a...
CVE-2022-42427
This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the contact groups configuration page. The issue results from the lack of proper validation of a...
CVE-2022-39895
Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent...
Centreon vulnerable to SQL Injection
A SQL injection vulnerability in Centreon affects unknown code of the file formContactGroup.php of the component Contact Groups Form. The manipulation of the argument cgid leads to sql injection. The attack can be initiated remotely. Version 22.10.0-beta1 contains a patch for this issue...
GHSA-J5WX-JVW3-J363 Centreon vulnerable to SQL Injection
A SQL injection vulnerability in Centreon affects unknown code of the file formContactGroup.php of the component Contact Groups Form. The manipulation of the argument cgid leads to sql injection. The attack can be initiated remotely. Version 22.10.0-beta1 contains a patch for this issue...
CVE-2022-3827
A vulnerability was found in centreon. It has been declared as critical. This vulnerability affects unknown code of the file formContactGroup.php of the component Contact Groups Form. The manipulation of the argument cgid leads to sql injection. The attack can be initiated remotely. The name of t...
Sql injection
A vulnerability was found in centreon. It has been declared as critical. This vulnerability affects unknown code of the file formContactGroup.php of the component Contact Groups Form. The manipulation of the argument cgid leads to sql injection. The attack can be initiated remotely. The name of t...
PT-2022-24325 · Centreon · Centreon
Name of the Vulnerable Software and Affected Versions: Centreon versions prior to 22.10.0-beta1 Description: A critical issue has been identified, affecting the Contact Groups Form component, specifically the file formContactGroup.php. The manipulation of the cg id argument leads to SQL injection...
CVE-2022-3827 centreon Contact Groups Form formContactGroup.php sql injection
A vulnerability was found in centreon. It has been declared as critical. This vulnerability affects unknown code of the file formContactGroup.php of the component Contact Groups Form. The manipulation of the argument cgid leads to sql injection. The attack can be initiated remotely. The name of t...
CVE-2022-3827
Summary of CVE-2022-3827 (Centreon) : A vulnerability in Centreon’s Contact Groups Form (file formContactGroup.php) arises from manipulating the cg_id parameter, causing an SQL injection. The issue is exploitable remotely and can impact confidentiality, integrity, and availability. The patch iden...
CVE-2022-3827 centreon Contact Groups Form formContactGroup.php sql injection
A vulnerability was found in centreon. It has been declared as critical. This vulnerability affects unknown code of the file formContactGroup.php of the component Contact Groups Form. The manipulation of the argument cgid leads to sql injection. The attack can be initiated remotely. The name of t...
Centreon 安全漏洞
Centreon Merethis Centreon is a set of open source system monitoring tools from the French company Centreon . The product provides monitoring capabilities for network, system and application resources. A security vulnerability exists in Centreon, which is caused by unknown code in the...
Centreon Contact Group SQL Injection Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the contact groups configuration page. The issue results from the lack of proper validation of a...
PT-2022-26429 · Centreon · Centreon
Name of the Vulnerable Software and Affected Versions: Centreon affected versions not specified Description: This issue allows remote attackers to escalate privileges on affected installations. Authentication is required to exploit this issue. The specific flaw exists within the contact groups...