centreon/centreon is vulnerable to SQL Injection. The vulnerability exists as several values in multiple monitoring pages were not properly validated, allowing an attacker to inject and execute arbitrary SQL statements.
CPE | Name | Operator | Version |
---|---|---|---|
centreon/centreon | le | 18.10.7 | |
centreon/centreon | le | 19.04.4 |
documentation-fr.centreon.com/docs/centreon/en/19.04/release_notes/centreon-18.10/centreon-18.10.8.html
documentation.centreon.com/docs/centreon/en/19.04/release_notes/centreon-19.04/centreon-19.04.5.html
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10.html#centreon-web-18-10-8
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.04.html#centreon-web-19-04-5
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.10.html#centreon-web-19-10-2
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.10/index.html
documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8.html#centreon-web-2-8-30
github.com/centreon/centreon/commit/973866854a7156c0dd7e0115249ae718b6110de3
github.com/centreon/centreon/pull/8063