Vulnerabilities > Centreon > Centreon > 2.4.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-05 | CVE-2019-17645 | Information Exposure vulnerability in Centreon An issue was discovered in Centreon before 2.8.31, 18.10.9, 19.04.6, and 19.10.3. | 5.0 |
| 2020-03-04 | CVE-2019-17644 | Information Exposure vulnerability in Centreon An issue was discovered in Centreon before 2.8-30, 18.10-8, 19.04-5, and 19.10-2.. | 5.0 |
| 2020-03-04 | CVE-2019-17643 | Information Exposure vulnerability in Centreon An issue was discovered in Centreon before 2.8-30,18.10-8, 19.04-5, and 19.10-2. | 5.0 |
| 2020-01-16 | CVE-2019-20327 | Improper Privilege Management vulnerability in Centreon Insecure permissions in cwrapper_perl in Centreon Infrastructure Monitoring Software through 19.10 allow local attackers to gain privileges. | 7.2 |
| 2019-10-08 | CVE-2018-21024 | Unrestricted Upload of File with Dangerous Type vulnerability in Centreon licenseUpload.php in Centreon Web before 2.8.27 allows attackers to upload arbitrary files via a POST request. | 7.5 |
| 2019-09-25 | CVE-2019-16194 | SQL Injection vulnerability in Centreon SQL injection vulnerabilities in Centreon through 19.04 allow attacks via the svc_id parameter in include/monitoring/status/Services/xml/makeXMLForOneService.php. | 7.5 |
| 2015-07-14 | CVE-2015-1561 | Command Injection vulnerability in Centreon The escape_command function in include/Administration/corePerformance/getStats.php in Centreon (formerly Merethis Centreon) 2.5.4 and earlier (fixed in Centreon 19.10.0) uses an incorrect regular expression, which allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ns_id parameter. | 6.5 |
| 2015-07-14 | CVE-2015-1560 | SQL Injection vulnerability in Centreon SQL injection vulnerability in the isUserAdmin function in include/common/common-Func.php in Centreon (formerly Merethis Centreon) 2.5.4 and earlier (fixed in Centreon web 2.7.0) allows remote attackers to execute arbitrary SQL commands via the sid parameter to include/common/XmlTree/GetXmlTree.php. | 7.5 |