CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

192 matches found

Github Security Blog•added 2022/05/14 12:55 a.m.•14 views

Centreon SQL Injection

Centreon 3.4.x fixed in Centreon 18.10.0 and Centreon web 2.8.28 allows SQL Injection via the main.php searchH parameter...

8.8CVSS8AI score0.00279EPSS

Exploits1References6Affected Software1

OSV•added 2022/05/14 12:55 a.m.•14 views

GHSA-79HG-357G-RRGV Centreon SQL Injection

Centreon 3.4.x fixed in Centreon 18.10.0 and Centreon web 2.8.28 allows SQL Injection via the main.php searchH parameter...

8.8CVSS9.2AI score0.00279EPSS

Exploits1References5

OSV•added 2022/05/14 12:55 a.m.•11 views

GHSA-5JXP-4X68-MHQC Centreon SQL Injection

Centreon 3.4.x fixed in Centreon 18.10.0 and Centreon web 2.8.24 allows SQL Injection via the searchVM parameter to the main.php?p=20408 URI...

8.8CVSS9.1AI score0.0014EPSS

Exploits1References6

Veracode•added 2022/02/10 5:44 a.m.•22 views

Cross-site Scripting (XSS)

ptrofimov/beanstalkconsole is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization in the output parameters in main.php and serversList.php, allowing an attacker to inject and execute malicious javascript...

5.4CVSS3.9AI score0.00281EPSS

Exploits1References5Affected Software1

NVD•added 2021/09/02 6:15 p.m.•10 views

CVE-2020-18048

An issue in craigms/main.php of CraigMS 1.0 allows attackers to execute arbitrary commands via a crafted input entered into the DB Name field...

9.8CVSS0.01821EPSS

Exploits1References2

Prion•added 2021/09/02 6:15 p.m.•8 views

Design/Logic Flaw

An issue in craigms/main.php of CraigMS 1.0 allows attackers to execute arbitrary commands via a crafted input entered into the DB Name field...

7.5CVSS9.5AI score0.01821EPSS

Exploits1References2Affected Software1

Cvelist•added 2021/09/02 5:46 p.m.•14 views

CVE-2020-18048

An issue in craigms/main.php of CraigMS 1.0 allows attackers to execute arbitrary commands via a crafted input entered into the DB Name field...

9.6AI score0.01821EPSS

Exploits1References2

NVD•added 2020/04/06 4:15 p.m.•9 views

CVE-2019-19699

There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed by root at 22:30 every day. T...

9CVSS7.5AI score0.38915EPSS

Exploits2References5

NVD•added 2020/03/22 8:15 p.m.•11 views

CVE-2020-10821

Nagios XI 5.6.11 allows XSS via the account/main.php theme parameter...

4.8CVSS5AI score0.24173EPSS

Exploits1References1

Prion•added 2020/03/22 8:15 p.m.•10 views

Cross site scripting

Nagios XI 5.6.11 allows XSS via the account/main.php theme parameter...

3.5CVSS4.8AI score0.24173EPSS

Exploits1References1Affected Software1

Cvelist•added 2020/03/22 7:53 p.m.•14 views

CVE-2020-10821

Nagios XI 5.6.11 allows XSS via the account/main.php theme parameter...

5AI score0.24173EPSS

Exploits1References1

Cvelist•added 2019/10/14 1:12 a.m.•14 views

CVE-2019-17501

Centreon 19.04 allows attackers to execute arbitrary OS commands via the Command Line field of main.php?p=60807&type=4 aka the Configuration Commands Discovery screen. CVE-2019-17501 and CVE-2019-16405 are similar to one another and may be the same...

7.7AI score0.00466EPSS

Exploits2References1

Prion•added 2019/03/21 4:1 p.m.•8 views

Sql injection

SQLiteManager 1.20 and 1.24 allows SQL injection via the /sqlitemanager/main.php dbsel parameter. NOTE: This product is discontinued...

7.5CVSS9.9AI score0.01979EPSS

Exploits5References1Affected Software1

Prion•added 2018/11/16 7:29 p.m.•8 views

Sql injection

Centreon 3.4.x fixed in Centreon 18.10.0 and Centreon web 2.8.24 allows SQL Injection via the searchVM parameter to the main.php?p=20408 URI...

6.5CVSS9AI score0.0014EPSS

Exploits1References5Affected Software1

NVD•added 2018/11/16 7:29 p.m.•13 views

CVE-2018-19311

Centreon 3.4.x fixed in Centreon 18.10.0 allows XSS via the Service field to the main.php?p=20201 URI, as demonstrated by the "Monitoring Status Details Services" screen...

5.4CVSS5.3AI score0.00092EPSS

Exploits1References3

Prion•added 2018/11/16 7:29 p.m.•12 views

Design/Logic Flaw

Centreon 3.4.x fixed in Centreon 18.10.0 allows XSS via the Service field to the main.php?p=20201 URI, as demonstrated by the "Monitoring Status Details Services" screen...

3.5CVSS5.1AI score0.00092EPSS

Exploits1References3Affected Software1

Cvelist•added 2018/11/16 7:0 p.m.•11 views

CVE-2018-19311

Centreon 3.4.x fixed in Centreon 18.10.0 allows XSS via the Service field to the main.php?p=20201 URI, as demonstrated by the "Monitoring Status Details Services" screen...

5.3AI score0.00092EPSS

Exploits1References3

OSV•added 2018/11/14 11:29 a.m.•1 views

CVE-2018-19271

Centreon 3.4.x fixed in Centreon 18.10.0 and Centreon web 2.8.28 allows SQL Injection via the main.php searchH parameter...

8.8CVSS5.8AI score0.00279EPSS

Exploits1References4

Prion•added 2018/11/14 11:29 a.m.•11 views

Sql injection

Centreon 3.4.x fixed in Centreon 18.10.0 and Centreon web 2.8.28 allows SQL Injection via the main.php searchH parameter...

6.5CVSS9.1AI score0.00279EPSS

Exploits1References4Affected Software1