Centreon: >> Centreon >> 2.6.1 Security Vulnerabilities
licenseUpload.php in Centreon Web before 2.8.27 allows attackers to upload arbitrary files via a POST request.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-10-08
SQL injection vulnerabilities in Centreon through 19.04 allow attacks via the svc_id parameter in include/monitoring/status/Services/xml/makeXMLForOneService.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2019-09-25
Cross-site scripting (XSS) vulnerability in Centreon 2.6.1 (fixed in Centreon 18.10.0 and Centreon web 2.8.27).
CVSS Score
5.4
EPSS Score
0.0
Published
2017-09-07
Page 3