Vulnerabilities > Centreon > Centreon > 1.4.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-03-06 | CVE-2008-1179 | Cross-Site Scripting vulnerability in Centreon Multiple cross-site scripting (XSS) vulnerabilities in include/common/javascript/color_picker.php in Centreon 1.4.2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) title parameters. | 4.3 |
2008-03-06 | CVE-2008-1178 | Path Traversal vulnerability in Centreon Directory traversal vulnerability in include/doc/index.php in Centreon 1.4.2.3 and earlier allows remote attackers to read arbitrary files via a .. | 4.3 |
2008-03-03 | CVE-2008-1119 | Path Traversal vulnerability in Centreon Directory traversal vulnerability in include/doc/get_image.php in Centreon 1.4.2.3 and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
2007-12-20 | CVE-2007-6485 | Code Injection vulnerability in Centreon 1.4.1 Multiple PHP remote file inclusion vulnerabilities in Centreon 1.4.1 (aka Oreon 1.4) allow remote attackers to execute arbitrary PHP code via a URL in the fileOreonConf parameter to (1) MakeXML.php or (2) MakeXML4statusCounter.php in include/monitoring/engine/. | 7.5 |