Vulnerabilities > Centreon > Centreon WEB > 2.8.20

DATE CVE VULNERABILITY TITLE RISK
2019-10-08 CVE-2018-21021 SQL Injection vulnerability in Centreon web
img_gantt.php in Centreon Web before 2.8.27 allows attackers to perform SQL injections via the host_id parameter.
network
low complexity
centreon CWE-89
6.5
6.5
2019-10-08 CVE-2018-21020 Improper Input Validation vulnerability in Centreon web
In very rare cases, a PHP type juggling vulnerability in centreonAuth.class.php in Centreon Web before 2.8.27 allows attackers to bypass authentication mechanisms in place.
network
low complexity
centreon CWE-20
5.0
5.0