Vulnerabilities > Centreon > Centreon WEB
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-23 | CVE-2024-55573 | Unspecified vulnerability in Centreon web An issue was discovered in Centreon centreon-web 24.10.x before 24.10.3, 24.04.x before 24.04.9, 23.10.x before 23.10.19, 23.04.x before 23.04.24. | 7.2 |
| 2025-01-23 | CVE-2024-53923 | Unspecified vulnerability in Centreon web An issue was discovered in Centreon Web 24.10.x before 24.10.3, 24.04.x before 24.04.9, 23.10.x before 23.10.19, 23.04.x before 23.04.24. | 7.2 |
| 2024-08-21 | CVE-2024-5723 | Unspecified vulnerability in Centreon web Centreon updateServiceHost SQL Injection Remote Code Execution Vulnerability. | 8.8 |
| 2024-08-21 | CVE-2024-5725 | Unspecified vulnerability in Centreon web Centreon initCurveList SQL Injection Remote Code Execution Vulnerability. | 8.8 |
| 2024-05-03 | CVE-2023-51633 | Cross-site Scripting vulnerability in Centreon web Centreon sysName Cross-Site Scripting Remote Code Execution Vulnerability. | 9.6 |
| 2021-05-04 | CVE-2021-26804 | Incorrect Default Permissions vulnerability in Centreon web 19.10.18/20.04.8/20.10.2 Insecure Permissions in Centreon Web versions 19.10.18, 20.04.8, and 20.10.2 allows remote attackers to bypass validation by changing any file extension to ".gif", then uploading it in the "Administration/ Parameters/ Images" section of the application. | 6.5 |
| 2020-02-24 | CVE-2019-15299 | Improper Authentication vulnerability in Centreon web An issue was discovered in Centreon Web through 19.04.3. | 8.8 |
| 2019-11-27 | CVE-2019-15300 | SQL Injection vulnerability in Centreon web A problem was found in Centreon Web through 19.04.3. | 8.8 |
| 2019-11-27 | CVE-2019-15298 | OS Command Injection vulnerability in Centreon web A problem was found in Centreon Web through 19.04.3. | 8.8 |
| 2019-11-21 | CVE-2019-16406 | Incorrect Permission Assignment for Critical Resource vulnerability in Centreon web 19.04.4 Centreon Web 19.04.4 has weak permissions within the OVA (aka VMware virtual machine) and OVF (aka VirtualBox virtual machine) files, allowing attackers to gain privileges via a Trojan horse Centreon-autodisco executable file that is launched by cron. | 7.8 |