Vulnerabilities > Centreon > Centreon WEB > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-05-03 | CVE-2023-51633 | Cross-site Scripting vulnerability in Centreon web Centreon sysName Cross-Site Scripting Remote Code Execution Vulnerability. | 9.6 |
2018-06-25 | CVE-2018-11587 | Code Injection vulnerability in Centreon and Centreon web There is Remote Code Execution in Centreon 3.4.6 including Centreon Web 2.8.23 via the RPN value in the Virtual Metric form in centreonGraph.class.php. | 9.8 |
2018-06-25 | CVE-2018-11589 | SQL Injection vulnerability in Centreon and Centreon web Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Centreon Web 2.8.23 allow attacks via the searchU parameter in viewLogs.php, the id parameter in GetXmlHost.php, the chartId parameter in ExportCSVServiceData.php, the searchCurve parameter in listComponentTemplates.php, or the host_id parameter in makeXML_ListMetrics.php. | 9.8 |