Command Injection in Centreon

Centreon before 19.04.15 allows remote attackers to execute arbitrary OS commands by placing shell metacharacters in RRDdatabasestatuspath via a main.get.php request and then visiting the include/views/graphs/graphStatus/displayServiceStatus.php page...

CVE-2020-13252

Centreon before 19.04.15 allows remote attackers to execute arbitrary OS commands by placing shell metacharacters in RRDdatabasestatuspath via a main.get.php request and then visiting the include/views/graphs/graphStatus/displayServiceStatus.php page...

Centreon 19.11 SQL Injection Vulnerability

Exploit for php platform in category web applications Title: Postauth SQL injection in Centreon 19.11 param: aclresname Vendor: https://www.centreon.com/ Vulnerable software: https://download.centreon.com/index.php?product=19.10&action=ask&id=5074 Repo: https://github.com/c610/free/...

Centreon Arbitrary System Command Execution Vulnerability

Centreon is a free and open source IT and application monitoring software. An arbitrary system command execution vulnerability exists in Centreon 19.04. An attacker can insert arbitrary commands into the database using the "initscript"-"Monitoring Engine Binary" value in main.get.php and execute...