Vulnerabilities > Centreon > Centreon WEB > High

DATE CVE VULNERABILITY TITLE RISK
2019-10-08 CVE-2018-21021 SQL Injection vulnerability in Centreon web
img_gantt.php in Centreon Web before 2.8.27 allows attackers to perform SQL injections via the host_id parameter.
network
low complexity
centreon CWE-89
8.8
2019-10-08 CVE-2018-21020 Improper Input Validation vulnerability in Centreon web
In very rare cases, a PHP type juggling vulnerability in centreonAuth.class.php in Centreon Web before 2.8.27 allows attackers to bypass authentication mechanisms in place.
network
low complexity
centreon CWE-20
7.5