0.002 Low
EPSS
Percentile
51.4%
Centreon Web is vulnerable to SQL injection. The host_id parameter in makeXML_ListServices.php is directly appended to the SQL query, allowing an attacker to inject and execute arbitrary SQL script through the affected parameter.
host_id
makeXML_ListServices.php
www.openwall.com/lists/oss-security/2019/10/09/2
github.com/centreon/centreon/commit/6879bcdab229265bba9c47c26888d96d15dd25e4
github.com/centreon/centreon/pull/7087
www.openwall.com/lists/oss-security/2019/10/08/1