2 matches found
Centreon RRDdatabase_status_path Command Injection (CVE-2020-13252; CVE-2020-22345)
A command injection vulnerability exists in the Centreon Web Application. The vulnerability is due to improper validation of the RRDdatabasestatuspath parameter in an HTTP request...
CVE-2020-13252
Centreon CVE-2020-13252 affects Centreon prior to version 19.04.15. The vulnerability is a command injection in RRDdatabase_status_path, exploitable by remote attackers who supply shell metacharacters in a request parameter to main.get.php and then load include/views/graphs/graphStatus/displaySer...