Vulnerability Details CVE-2025-6791
In the monitoring event logs page, it is possible to alter the http request to insert a reflect payload in the DB. Caused by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Centreon web (Monitoring event logs modules) allows SQL Injection.This issue affects web: 24.10.0, 24.04.0, 23.10.0.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.4%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2025-6791
-
cpe:2.3:a:centreon:centreon_web:23.10.0
-
cpe:2.3:a:centreon:centreon_web:23.10.1
-
cpe:2.3:a:centreon:centreon_web:23.10.10
-
cpe:2.3:a:centreon:centreon_web:23.10.11
-
cpe:2.3:a:centreon:centreon_web:23.10.12
-
cpe:2.3:a:centreon:centreon_web:23.10.13
-
cpe:2.3:a:centreon:centreon_web:23.10.14
-
cpe:2.3:a:centreon:centreon_web:23.10.15
-
cpe:2.3:a:centreon:centreon_web:23.10.16
-
cpe:2.3:a:centreon:centreon_web:23.10.17
-
cpe:2.3:a:centreon:centreon_web:23.10.18
-
cpe:2.3:a:centreon:centreon_web:23.10.19
-
cpe:2.3:a:centreon:centreon_web:23.10.2
-
cpe:2.3:a:centreon:centreon_web:23.10.20
-
cpe:2.3:a:centreon:centreon_web:23.10.21
-
cpe:2.3:a:centreon:centreon_web:23.10.22
-
cpe:2.3:a:centreon:centreon_web:23.10.23
-
cpe:2.3:a:centreon:centreon_web:23.10.24
-
cpe:2.3:a:centreon:centreon_web:23.10.25
-
cpe:2.3:a:centreon:centreon_web:23.10.3
-
cpe:2.3:a:centreon:centreon_web:23.10.4
-
cpe:2.3:a:centreon:centreon_web:23.10.5
-
cpe:2.3:a:centreon:centreon_web:23.10.6
-
cpe:2.3:a:centreon:centreon_web:23.10.7
-
cpe:2.3:a:centreon:centreon_web:23.10.8
-
cpe:2.3:a:centreon:centreon_web:23.10.9
-
cpe:2.3:a:centreon:centreon_web:24.04.0
-
cpe:2.3:a:centreon:centreon_web:24.04.1
-
cpe:2.3:a:centreon:centreon_web:24.04.10
-
cpe:2.3:a:centreon:centreon_web:24.04.11
-
cpe:2.3:a:centreon:centreon_web:24.04.12
-
cpe:2.3:a:centreon:centreon_web:24.04.13
-
cpe:2.3:a:centreon:centreon_web:24.04.14
-
cpe:2.3:a:centreon:centreon_web:24.04.15
-
cpe:2.3:a:centreon:centreon_web:24.04.2
-
cpe:2.3:a:centreon:centreon_web:24.04.3
-
cpe:2.3:a:centreon:centreon_web:24.04.4
-
cpe:2.3:a:centreon:centreon_web:24.04.5
-
cpe:2.3:a:centreon:centreon_web:24.04.6
-
cpe:2.3:a:centreon:centreon_web:24.04.7
-
cpe:2.3:a:centreon:centreon_web:24.04.8
-
cpe:2.3:a:centreon:centreon_web:24.04.9
-
cpe:2.3:a:centreon:centreon_web:24.10.0
-
cpe:2.3:a:centreon:centreon_web:24.10.1
-
cpe:2.3:a:centreon:centreon_web:24.10.2
-
cpe:2.3:a:centreon:centreon_web:24.10.3
-
cpe:2.3:a:centreon:centreon_web:24.10.4
-
cpe:2.3:a:centreon:centreon_web:24.10.5
-
cpe:2.3:a:centreon:centreon_web:24.10.6
-
cpe:2.3:a:centreon:centreon_web:24.10.7
-
cpe:2.3:a:centreon:centreon_web:24.10.8