Vulnerabilities > Centreon > Centreon > 1.4.1

DATE CVE VULNERABILITY TITLE RISK
2008-03-06 CVE-2008-1179 Cross-Site Scripting vulnerability in Centreon
Multiple cross-site scripting (XSS) vulnerabilities in include/common/javascript/color_picker.php in Centreon 1.4.2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) title parameters.
network
centreon CWE-79
4.3
4.3
2008-03-06 CVE-2008-1178 Path Traversal vulnerability in Centreon
Directory traversal vulnerability in include/doc/index.php in Centreon 1.4.2.3 and earlier allows remote attackers to read arbitrary files via a ..
network
centreon CWE-22
4.3
4.3
2008-03-03 CVE-2008-1119 Path Traversal vulnerability in Centreon
Directory traversal vulnerability in include/doc/get_image.php in Centreon 1.4.2.3 and earlier allows remote attackers to read arbitrary files via a ..
network
low complexity
centreon CWE-22
5.0
5.0
2007-12-20 CVE-2007-6485 Code Injection vulnerability in Centreon 1.4.1
Multiple PHP remote file inclusion vulnerabilities in Centreon 1.4.1 (aka Oreon 1.4) allow remote attackers to execute arbitrary PHP code via a URL in the fileOreonConf parameter to (1) MakeXML.php or (2) MakeXML4statusCounter.php in include/monitoring/engine/.
network
low complexity
centreon CWE-94
7.5
7.5