centreon/centreon is vulnerable to SQL injection. The sanitization of host_id
and service_id parameters
in include/monitoring/status/Services/xml/makeXMLForOneService.php
were not done properly, allowing an attacker to inject malicious SQL command through those parameters.
CPE | Name | Operator | Version |
---|---|---|---|
centreon/centreon | le | 19.10.0-beta.3 | |
centreon/centreon | le | 19.10.0-beta.3 |