centreon/centreon Security Advisories (27)
-
[HIGH] Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulnerability
PKSA-nqvf-m8h8-wfw7 CVE-2024-23119 GHSA-626r-cj47-p49g
Affected version: <22.10.15
Reported by:
GitHub -
[HIGH] Centreon updateContactHostCommands SQL Injection Remote Code Execution Vulnerability
PKSA-wpjj-t3nk-mz6c CVE-2024-23118 GHSA-2j4g-v4fv-rhwg
Affected version: <22.10.15
Reported by:
GitHub -
[HIGH] Centreon updateContactServiceCommands SQL Injection Remote Code Execution Vulnerability
PKSA-zsdh-md4w-d7v7 CVE-2024-23117 GHSA-j8hg-v5qv-9m28
Affected version: <22.10.15
Reported by:
GitHub -
[HIGH] Centreon updateLCARelation SQL Injection Remote Code Execution Vulnerability
PKSA-zm6v-bvgw-53jv CVE-2024-23116 GHSA-j4pc-vqvc-4p9x
Affected version: <22.10.15
Reported by:
GitHub -
[HIGH] Centreon updateGroups SQL Injection Remote Code Execution Vulnerability
PKSA-j8tg-gkk1-8p14 CVE-2024-23115 GHSA-qjvm-p5vg-437c
Affected version: <22.10.15
Reported by:
GitHub -
[HIGH] Centreon updateDirectory SQL Injection Remote Code Execution Vulnerability
PKSA-dsc9-1mzw-rv7k CVE-2024-0637 GHSA-22v7-v3mj-pm8r
Affected version: <22.10.15
Reported by:
GitHub -
[CRITICAL] Centreon vulnerable to SQL Injection
PKSA-bcws-c8z3-x4hd CVE-2022-3827 GHSA-j5wx-jvw3-j363
Affected version: <22.10.0-beta1
Reported by:
GitHub -
[MEDIUM] Centreon contains cross-site scripting vulnerability via esc_name parameter
PKSA-pdnv-cjzz-v7kw CVE-2022-40044 GHSA-rv5q-72p2-2q24
Affected version: >=22.0.0,<22.04.1|>=21.10.0,<21.10.8|<21.04.16
Reported by:
GitHub -
[HIGH] Centreon SQL Injection vulnerability via esc_name parameter
PKSA-yzgg-m42t-mxn3 CVE-2022-40043 GHSA-25gv-wg6f-6frp
Affected version: >=22.0.0,<22.04.1|>=21.10.0,<21.10.8|<21.04.16
Reported by:
GitHub -
[MEDIUM] Centreon Sensitive Data Exposure vulnerability
PKSA-2pj6-84j6-hdgf CVE-2020-10945 GHSA-h5qv-p378-3hhr
Affected version: <2.8.32|>=18.0.0,<18.10.11|>=19.0.0,<19.04.10|>=19.10.0,<19.10.7
Reported by:
GitHub -
[HIGH] Centreon Does Not Set HTTPOnly Flag
PKSA-67tg-vwgz-vd3z CVE-2019-17104 GHSA-j224-7qr4-8646
Affected version: <=19.04.3
Reported by:
GitHub -
[MEDIUM] Centreon Sensitive Data Exposure
PKSA-45fp-dsvn-xf1v CVE-2019-17106 GHSA-rx4j-x3fh-9qwg
Affected version: <=2.8.29
Reported by:
GitHub -
[CRITICAL] Centreon Privilege Escalation
PKSA-p3mb-gnkm-18p9 CVE-2018-21025 GHSA-f24j-f97w-65h8
Affected version: <=19.04.3
Reported by:
GitHub -
[CRITICAL] Centreon RCE Vulnerability
PKSA-byxf-fqck-hhjk CVE-2018-11587 GHSA-c8qc-cp8v-prpx
Affected version: =2.8.23|=3.4.6
Reported by:
GitHub -
[MEDIUM] Centreon Cross-site Scripting Vulnerability
PKSA-j72b-xns9-xhkf CVE-2015-7672 GHSA-8w3f-236q-53m4
Affected version: <2.8.27
Reported by:
GitHub -
[HIGH] Centreon SQL Injection
PKSA-fj57-b2qm-bw6q CVE-2018-19312 GHSA-5jxp-4x68-mhqc
Affected version: >=2.8.0,<2.8.24|>=18.0.0,<18.10.0
Reported by:
GitHub -
[MEDIUM] Centreon XSS Vulnerability
PKSA-p4kg-59zt-qj5j CVE-2018-19280 GHSA-7g3c-hrc6-5v4j
Affected version: >=3.4.0,<18.10.0
Reported by:
GitHub -
[HIGH] Centreon SQL Injection
PKSA-11r8-dbh9-mxk8 CVE-2018-19271 GHSA-79hg-357g-rrgv
Affected version: <2.8.28|>=18.0.0,<18.10.0
Reported by:
GitHub -
[MEDIUM] Centreon XSS Vulnerability
PKSA-cm4k-msjd-ghqs CVE-2018-19311 GHSA-8vh5-j6xj-5953
Affected version: >=18.0.0,<18.10.0
Reported by:
GitHub -
[CRITICAL] Centreon allows SNMP trap SQL Injection
PKSA-krzz-psfp-y7vj CVE-2018-19281 GHSA-w2xf-4gg9-87wr
Affected version: >=2.8,<2.8.27|>=18.0.0,<18.10.0
Reported by:
GitHub -
[HIGH] Centreon Command Injection
PKSA-rxpc-vst4-cnnt CVE-2015-1561 GHSA-c4fj-3wqq-g9c9
Affected version: <2.8.28
Reported by:
GitHub -
[HIGH] OS Command Injection in Centreon
PKSA-kgpp-zx3j-yr8n CVE-2020-22345 GHSA-2q95-593f-g7h7
Affected version: <=19.10.8
Reported by:
GitHub -
[HIGH] Improper Input Validation in Centreon Web
PKSA-w8n7-75q2-d8bq CVE-2019-16405 GHSA-4f26-v6fr-9hmp
Affected version: >=19.0.0,<19.04.5|<18.10.8
Reported by:
GitHub -
[HIGH] Command Injection in Centreon
PKSA-gqn1-r71z-4prr CVE-2020-13252 GHSA-jmgg-wx67-7qfv
Affected version: <19.04.15
Reported by:
GitHub -
[MEDIUM] Cross-site scripting in Centreon
PKSA-kq2z-fvrd-8wtw CVE-2021-27676 GHSA-r5mf-q76q-f2xq
Affected version: <20.10.7
Reported by:
GitHub -
[MEDIUM] Predictable CSRF tokens in centreon/centreon
PKSA-dd1z-vyhd-6whg CVE-2021-28055 GHSA-7rg4-266c-jqw6
Affected version: <2.8.37|>=19.10.0,<19.10.23|>=20.04.0,<20.04.13|>=20.10.0,<20.10.7
Reported by:
GitHub -
[CRITICAL] SQL injection in Centreon
PKSA-663n-py2k-9wrs CVE-2019-16194 GHSA-wgjx-hm34-qgf7
Affected version: >=19.0.0,<19.04.5|<18.10.8
Reported by:
GitHub