7 matches found
Centreon < 2.5.1 / Centreon Enterprise Server < 2.2 - SQL Injection / Command Injection Exploi
Exploit for linux platform in category web applications This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Centreon SQL and Command Injection', 'Description' = %q This module...
Centreon < 2.5.3 Multiple Vulnerabilities
According to its version number, the Centreon application hosted on the remote web server is affected by multiple vulnerabilities : - Multiple unauthenticated SQL injection vulnerabilities. CVE-2014-3828 - A remote, unauthenticated command injection vulnerability in the 'sessionid' and 'templatei...
Centreon - SQL Injection / Command Injection (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Centreon SQL and Command Injection', 'Description' = %q This module exploits several vulnerabilities on Centreon 2.5.1 and prior and...
CVE-2014-3829
Centreon 2.5.1 and Centreon Enterprise Server 2.2 are vulnerable to unauthenticated command injection via displayServiceStatus.php, exploiting shell metacharacters in the session_id or template_id parameters (related to the command_line variable). The issue, CVE-2014-3829, is noted as fixed in Ce...
Centreon SQL Injection / Command Injection
Multiple unauthenticated SQL injections and unauthenticated remote command injection in Centreon SQL injections: ------------------ POST http://server/centreon/include/configuration/configObject/traps/GetXMLTrapsForVendor.php POST DATA mnftrid=1 or 1=1 union all select version,2 -- / POST...
Centreon SQL Injection / Command Injection Vulnerability
Centreon SQL InjectioCentreon versions 2.5.2 and below and Centreon Enterprise Server versions 2.2 and below and 3.0 and below suffer from remote SQL injection and remote command injection vulnerabilities.n / Command Injection Multiple unauthenticated SQL injections and unauthenticated remote...
Centreon < 2.5.1 / Centreon Enterprise Server < 2.2 - SQL Injection / Command Injection (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Centreon SQL and Command Injection', 'Description' = %q This module exploits several vulnerabilities on Centreon 2.5.1 and prio...