QwikSec

Security Database

CVE

CWE

Training

CVE-2018-11589

Published: Jun 25, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Centreon Web 2.8.23 allow attacks via the searchU parameter in viewLogs.php, the id parameter in GetXmlHost.php, the chartId parameter in ExportCSVServiceData.php, the searchCurve parameter in listComponentTemplates.php, or the host_id parameter in makeXML_ListMetrics.php.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/centreon/centreon/pull/6250

x_refsource_CONFIRM

https://github.com/centreon/centreon/pull/6257

x_refsource_CONFIRM

https://github.com/centreon/centreon/pull/6251

x_refsource_CONFIRM

https://github.com/centreon/centreon/pull/6256

x_refsource_CONFIRM

https://github.com/centreon/centreon/releases

x_refsource_CONFIRM

https://github.com/centreon/centreon/pull/6255

x_refsource_CONFIRM

https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8/centreon-2.8.24.html

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.