Centreon Web@2.8.23 Security Vulnerabilities and Issues — Centreon Web@2.8.23 CVE List

Lucene search

CentreonCentreon Web2.8.23

3 matches found

CVE•added 2018/06/25 6:29 p.m.•47 views

CVE-2018-11587

There is Remote Code Execution in Centreon 3.4.6 including Centreon Web 2.8.23 via the RPN value in the Virtual Metric form in centreonGraph.class.php.

9.8CVSS9.7AI score0.01141EPSS

CVE•added 2018/06/25 6:29 p.m.•38 views

CVE-2018-11589

Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Centreon Web 2.8.23 allow attacks via the searchU parameter in viewLogs.php, the id parameter in GetXmlHost.php, the chartId parameter in ExportCSVServiceData.php, the searchCurve parameter in listComponentTemplates.php, or the host...

9.8CVSS9.9AI score0.00165EPSS

CVE•added 2018/06/25 6:29 p.m.•35 views

CVE-2018-11588

Centreon 3.4.6 including Centreon Web 2.8.23 is vulnerable to an authenticated user injecting a payload into the username or command description, resulting in stored XSS. This is related to www/include/core/menu/menu.php and www/include/configuration/configObject/command/formArguments.php.

5.4CVSS6.3AI score0.00073EPSS