Lucene search

K

13 matches found

CVE
CVE
added 2019/11/21 6:15 p.m.78 views

CVE-2019-16405

Centreon Web before 2.8.30, 18.10.x before 18.10.8, 19.04.x before 19.04.5 and 19.10.x before 19.10.2 allows Remote Code Execution by an administrator who can modify Macro Expression location settings. CVE-2019-16405 and CVE-2019-17501 are similar to one another and may be the same.

9CVSS7.2AI score0.08968EPSS
CVE
CVE
added 2024/04/01 10:15 p.m.63 views

CVE-2024-23115

Centreon updateGroups SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the updateGroups function. T...

7.2CVSS7.5AI score0.786EPSS
CVE
CVE
added 2024/04/01 10:15 p.m.62 views

CVE-2024-23116

Centreon updateLCARelation SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the updateLCARelation f...

7.2CVSS7.5AI score0.87385EPSS
CVE
CVE
added 2024/04/01 10:15 p.m.56 views

CVE-2024-23117

Centreon updateContactServiceCommands SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the updateCo...

7.2CVSS7.5AI score0.87385EPSS
CVE
CVE
added 2024/04/01 10:15 p.m.55 views

CVE-2024-23118

Centreon updateContactHostCommands SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the updateConta...

7.2CVSS7.5AI score0.87385EPSS
CVE
CVE
added 2024/04/01 10:15 p.m.54 views

CVE-2024-23119

Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the insertGraphTempla...

8.8CVSS9.2AI score0.42642EPSS
CVE
CVE
added 2024/08/21 5:15 p.m.50 views

CVE-2024-5723

Centreon updateServiceHost SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the updateServiceHost f...

8.8CVSS9.2AI score0.73038EPSS
CVE
CVE
added 2024/04/01 10:15 p.m.49 views

CVE-2024-0637

Centreon updateDirectory SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the updateDirectory funct...

8.8CVSS9.1AI score0.78712EPSS
CVE
CVE
added 2024/08/21 5:15 p.m.48 views

CVE-2024-5725

Centreon initCurveList SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the initCurveList function....

8.8CVSS9.2AI score0.30345EPSS
CVE
CVE
added 2024/05/03 3:16 a.m.46 views

CVE-2023-51633

Centreon sysName Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. User interaction is required to exploit this vulnerability. The specific flaw exists within the processing of the sy...

9.6CVSS7.7AI score0.02466EPSS
CVE
CVE
added 2019/10/08 1:15 p.m.38 views

CVE-2018-21020

In very rare cases, a PHP type juggling vulnerability in centreonAuth.class.php in Centreon Web before 2.8.27 allows attackers to bypass authentication mechanisms in place.

7.5CVSS7.6AI score0.00081EPSS
CVE
CVE
added 2019/10/08 1:15 p.m.32 views

CVE-2018-21021

img_gantt.php in Centreon Web before 2.8.27 allows attackers to perform SQL injections via the host_id parameter.

8.8CVSS8.8AI score0.00264EPSS
CVE
CVE
added 2019/10/08 1:15 p.m.27 views

CVE-2018-21022

makeXML_ListServices.php in Centreon Web before 2.8.28 allows attackers to perform SQL injections via the host_id parameter.

8.8CVSS8.8AI score0.00264EPSS