16 matches found
CVE-2025-12514
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Centreon Infra Monitoring - Open-tickets Notification rules configuration parameters, Open tickets modules allows SQL Injection to user with elevated privileges.This issue affects Infra Monitoring ...
CVE-2025-8460
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring Notification rules, Open tickets module allows Stored XSS by users with elevated privileges.This issue affects Infra Monitoring: from 24.10.0 before 24.10.5, from...
CVE-2025-12514
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Centreon Infra Monitoring - Open-tickets Notification rules configuration parameters, Open tickets modules allows SQL Injection to user with elevated privileges.This issue affects Infra Monitoring ...
CVE-2025-12514 A user with elevated privileges is able to introduce a SQL Injection using the Open-tickets Notification rules configuration parameters
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Centreon Infra Monitoring - Open-tickets Notification rules configuration parameters, Open tickets modules allows SQL Injection to user with elevated privileges.This issue affects Infra Monitoring ...
CVE-2025-12514
CVE-2025-12514 affects Centreon Infra Monitoring - Open-tickets (Notification rules configuration parameters, Open tickets modules). The root cause is improper neutralization of special elements in SQL commands, enabling SQL Injection. Affected versions are 23.10.0–23.10.4, 24.04.0–24.04.5, and 2...
CVE-2025-12514 A user with elevated privileges is able to introduce a SQL Injection using the Open-tickets Notification rules configuration parameters
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Centreon Infra Monitoring - Open-tickets Notification rules configuration parameters, Open tickets modules allows SQL Injection to user with elevated privileges.This issue affects Infra Monitoring ...
EUVD-2025-204709
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Centreon Infra Monitoring - Open-tickets Notification rules configuration parameters, Open tickets modules allows SQL Injection to user with elevated privileges.This issue affects Infra Monitoring ...
CVE-2025-12514 A user with elevated privileges is able to introduce a SQL Injection using the Open-tickets Notification rules configuration parameters
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Centreon Infra Monitoring - Open-tickets Notification rules configuration parameters, Open tickets modules allows SQL Injection to user with elevated privileges.This issue affects Infra Monitoring ...
CVE-2025-8460
Centreon Infra Monitoring (Notification rules, Open tickets module) has a stored XSS vulnerability (CVE-2025-8460). Affected versions are 23.10.0–23.10.4, 24.04.0–24.04.5, and 24.10.0–24.10.5. Root cause: improper neutralization of user input in web page generation. Remediation per linked sources...
CVE-2025-8460 A user with elevated privileges can inject XSS in the Notification rules configuration page
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring Notification rules, Open tickets module allows Stored XSS by users with elevated privileges.This issue affects Infra Monitoring: from 24.10.0 before 24.10.5, from...
EUVD-2025-204710
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring Notification rules, Open tickets module allows Stored XSS by users with elevated privileges.This issue affects Infra Monitoring: from 24.10.0 before 24.10.5, from...
CVE-2025-8460 A user with elevated privileges can inject XSS in the Notification rules configuration page
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring Notification rules, Open tickets module allows Stored XSS by users with elevated privileges.This issue affects Infra Monitoring: from 24.10.0 before 24.10.5, from...
CVE-2025-8460 A user with elevated privileges can inject XSS in the Notification rules configuration page
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring Notification rules, Open tickets module allows Stored XSS by users with elevated privileges.This issue affects Infra Monitoring: from 24.10.0 before 24.10.5, from...
PT-2025-52643
Name of the Vulnerable Software and Affected Versions Centreon Infra Monitoring - Open-tickets versions 23.10.0 through 23.10.4 Centreon Infra Monitoring - Open-tickets versions 24.04.0 through 24.04.5 Centreon Infra Monitoring - Open-tickets versions 24.10.0 through 24.10.5 Description A flaw...
Centreon 安全漏洞
Centreon is a set of open source system monitoring tools from the French company Centreon . The product provides monitoring capabilities for network, system and application resources. A security vulnerability exists in Centreon versions 24.10.0 through 24.10.5, 24.04.0 through 24.04.5, and 23.10....
PT-2025-52645
Name of the Vulnerable Software and Affected Versions Centreon Infra Monitoring versions 23.10.0 through 23.10.4 Centreon Infra Monitoring versions 24.04.0 through 24.04.5 Centreon Infra Monitoring versions 24.10.0 through 24.10.5 Description The software contains an Improper Neutralization of...