9 matches found
Centreon < 2.5.1 / Centreon Enterprise Server < 2.2 - SQL Injection / Command Injection Exploi
Exploit for linux platform in category web applications This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Centreon SQL and Command Injection', 'Description' = %q This module...
Centreon < 2.5.3 Multiple Vulnerabilities
According to its version number, the Centreon application hosted on the remote web server is affected by multiple vulnerabilities : - Multiple unauthenticated SQL injection vulnerabilities. CVE-2014-3828 - A remote, unauthenticated command injection vulnerability in the 'sessionid' and 'templatei...
Centreon - SQL Injection / Command Injection (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Centreon SQL and Command Injection', 'Description' = %q This module exploits several vulnerabilities on Centreon 2.5.1 and prior and...
CVE-2014-3828
Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon Enterprise Server 2.2 fixed in Centreon web 2.5.3 allow remote attackers to execute arbitrary SQL commands via 1 the indexid parameter to views/graphs/common/makeXMLListMetrics.php, 2 the sid parameter to...
CVE-2014-3828
Centreon 2.5.1 and Centreon Enterprise Server 2.2 contain SQL injection vulnerabilities (CVE-2014-3828) that are pre-auth and remotely exploitable. The issues arise in multiple PHP components where unsanitized input is used: index_id (views/graphs/common/makeXML_ListMetrics.php), sid (views/graph...
Centreon SQL Injection / Command Injection
Multiple unauthenticated SQL injections and unauthenticated remote command injection in Centreon SQL injections: ------------------ POST http://server/centreon/include/configuration/configObject/traps/GetXMLTrapsForVendor.php POST DATA mnftrid=1 or 1=1 union all select version,2 -- / POST...
Centreon SQL Injection / Command Injection Vulnerability
Centreon SQL InjectioCentreon versions 2.5.2 and below and Centreon Enterprise Server versions 2.2 and below and 3.0 and below suffer from remote SQL injection and remote command injection vulnerabilities.n / Command Injection Multiple unauthenticated SQL injections and unauthenticated remote...
CVE-2014-3828
creationtimestamp| type| source ---|---|--- 2014-10-15 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41676 2014-10-27 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/35078 2018-05-29 15:50:33+00:00| seen|...
Centreon < 2.5.1 / Centreon Enterprise Server < 2.2 - SQL Injection / Command Injection (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Centreon SQL and Command Injection', 'Description' = %q This module exploits several vulnerabilities on Centreon 2.5.1 and prio...