Vulnerabilities > Centreon
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-20 | CVE-2019-19487 | OS Command Injection vulnerability in Centreon Command Injection in minPlayCommand.php in Centreon (19.04.4 and below) allows an attacker to achieve command injection via a plugin test. | 8.8 |
| 2020-03-20 | CVE-2019-19486 | Path Traversal vulnerability in Centreon Local File Inclusion in minPlayCommand.php in Centreon (19.04.4 and below) allows an attacker to traverse paths via a plugin test. | 6.5 |
| 2020-03-20 | CVE-2019-19484 | Open Redirect vulnerability in Centreon Open redirect via parameter ‘p’ in login.php in Centreon (19.04.4 and below) allows an attacker to craft a payload and execute unintended behavior. | 6.1 |
| 2020-03-05 | CVE-2019-17647 | SQL Injection vulnerability in Centreon An issue was discovered in Centreon before 2.8.30, 18.10.8, 19.04.5, and 19.10.2. | 9.8 |
| 2020-03-05 | CVE-2019-17646 | Forced Browsing vulnerability in Centreon An issue was discovered in Centreon before 18.10.8, 19.04.5, and 19.10.2. | 7.5 |
| 2020-03-05 | CVE-2019-17645 | Forced Browsing vulnerability in Centreon An issue was discovered in Centreon before 2.8.31, 18.10.9, 19.04.6, and 19.10.3. | 7.5 |
| 2020-03-05 | CVE-2019-17642 | OS Command Injection vulnerability in Centreon An issue was discovered in Centreon before 18.10.8, 19.10.1, and 19.04.2. | 8.8 |
| 2020-03-04 | CVE-2019-17644 | Forced Browsing vulnerability in Centreon An issue was discovered in Centreon before 2.8-30, 18.10-8, 19.04-5, and 19.10-2.. | 7.5 |
| 2020-03-04 | CVE-2019-17643 | Forced Browsing vulnerability in Centreon An issue was discovered in Centreon before 2.8-30,18.10-8, 19.04-5, and 19.10-2. | 7.5 |
| 2020-02-28 | CVE-2020-9463 | OS Command Injection vulnerability in Centreon 19.10 Centreon 19.10 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the server_ip field in JSON data in an api/internal.php?object=centreon_configuration_remote request. | 8.8 |