Vulnerabilities > Centreon > Centreon WEB > 19.10.18
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-04 | CVE-2021-26804 | Incorrect Default Permissions vulnerability in Centreon web 19.10.18/20.04.8/20.10.2 Insecure Permissions in Centreon Web versions 19.10.18, 20.04.8, and 20.10.2 allows remote attackers to bypass validation by changing any file extension to ".gif", then uploading it in the "Administration/ Parameters/ Images" section of the application. | 6.5 |