Centreon Command Injection

The escapecommand function in include/Administration/corePerformance/getStats.php in Centreon formerly Merethis Centreon 2.5.4 and earlier offending file deleted in Centreon 19.10.0 uses an incorrect regular expression, which allows remote authenticated users to execute arbitrary commands via she...

GHSA-C4FJ-3WQQ-G9C9 Centreon Command Injection

The escapecommand function in include/Administration/corePerformance/getStats.php in Centreon formerly Merethis Centreon 2.5.4 and earlier offending file deleted in Centreon 19.10.0 uses an incorrect regular expression, which allows remote authenticated users to execute arbitrary commands via she...

Centreon Web Code Injection Vulnerability

Centreon Web is a set of open source system monitoring tools from the French company Centreon . The product mainly provides monitoring functions on the network , system and application resources . A code injection vulnerability exists in the getStats.php file in versions of Centreon Web prior to...

Remote Code Execution.

Centreon Web is vulnerable to remote code execution RCE. The attacker can inject malicious code through nsid parameter in getStats.php...

CVE-2018-21023

getStats.php in Centreon Web before 2.8.28 allows authenticated attackers to execute arbitrary code via the nsid parameter...

CVE-2018-21023

getStats.php in Centreon Web before 2.8.28 allows authenticated attackers to execute arbitrary code via the nsid parameter...

Code injection

getStats.php in Centreon Web before 2.8.28 allows authenticated attackers to execute arbitrary code via the nsid parameter...

CVE-2018-21023

Centreon Web ≤ 2.8.28 contains a code execution vulnerability in getStats.php via the ns_id parameter. The issue arises from how externally entered data is used to construct a code segment, enabling authenticated attackers to execute arbitrary code. Affected product/version details and CVE descri...

CVE-2018-21023

getStats.php in Centreon Web before 2.8.28 allows authenticated attackers to execute arbitrary code via the nsid parameter...

CVE-2015-1561

The escapecommand function in include/Administration/corePerformance/getStats.php in Centreon formerly Merethis Centreon 2.5.4 and earlier fixed in Centreon 19.10.0 uses an incorrect regular expression, which allows remote authenticated users to execute arbitrary commands via shell metacharacters...

Merethis Centreon 'getStats.php' Remote Command Execution Vulnerability

Merethis Centreon is an open source IT monitoring software from Merethis France that needs to be paired with Nagios to manage Nagios via the web web and to enable monitoring of networks, operating systems and applications via third-party components. A remote command execution vulnerability exists...