Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
CentreonCentreon

59 matches found

CVE
CVEadded 2022/10/06 6:16 p.m.35 views

CVE-2022-39988

A cross-site scripting (XSS) vulnerability in Centreon 22.04.0 allows attackers to execute arbitrary web script or HTML via a crafted payload injected into the Service>Templates service_alias parameter.

5.4CVSS5.2AI score0.00111EPSS
Web
CVE
CVEadded 2023/01/26 6:59 p.m.35 views

CVE-2022-41142

This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to configure poller resources. The issue results from the lack of proper valida...

8.8CVSS7.7AI score0.47704EPSS
CVE
CVEadded 2018/11/14 8:29 p.m.34 views

CVE-2018-19281

Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.27) allows SNMP trap SQL Injection.

9.8CVSS9.7AI score0.00216EPSS
CVE
CVEadded 2023/03/29 7:15 p.m.34 views

CVE-2022-42425

This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller broker configuration. The issue results from the lack of prope...

8.8CVSS7.6AI score0.51134EPSS
CVE
CVEadded 2021/02/15 6:15 p.m.33 views

CVE-2020-22425

Centreon 19.10-3.el7 is affected by a SQL injection vulnerability, where an authorized user is able to inject additional SQL queries to perform remote command execution.

8.8CVSS9.1AI score0.02745EPSS
CVE
CVEadded 2008/03/06 12:44 a.m.32 views

CVE-2008-1179

Multiple cross-site scripting (XSS) vulnerabilities in include/common/javascript/color_picker.php in Centreon 1.4.2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) title parameters. NOTE: some of these details are obtained from third party inform...

4.3CVSS5.8AI score0.00048EPSS
Web
CVE
CVEadded 2023/03/29 7:15 p.m.31 views

CVE-2022-42429

This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller broker configuration. The issue results from the lack of prope...

8.8CVSS7.6AI score0.51134EPSS
CVE
CVEadded 2019/10/08 3:15 p.m.29 views

CVE-2018-21024

licenseUpload.php in Centreon Web before 2.8.27 allows attackers to upload arbitrary files via a POST request.

9.8CVSS9.2AI score0.00302EPSS
CVE
CVEadded 2008/03/06 12:44 a.m.26 views

CVE-2008-1178

Directory traversal vulnerability in include/doc/index.php in Centreon 1.4.2.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter, a different vector than CVE-2008-1119.

4.3CVSS6.6AI score0.00828EPSS
Web
Total number of security vulnerabilities59