Centreon

Centreon Web

58 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.3

CVE-2026-2751

  • EPSS 0.02%
  • Veröffentlicht 27.02.2026 13:33:44
  • Zuletzt bearbeitet 02.03.2026 20:30:10

Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. Vulnerability in Centreon Centreon Web on Central Server on Linux (Service Dependencies modules) allows Blind SQL Injection.This issue affects Centreon Web on Central Se...

4.8

CVE-2025-12513

  • EPSS 0.01%
  • Veröffentlicht 05.01.2026 13:43:42
  • Zuletzt bearbeitet 26.01.2026 15:09:43

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Hosts configuration form modules) allows Stored XSS to users with high privileges. This issue affects Infra Monit...

7.2

CVE-2025-5965

  • EPSS 0.16%
  • Veröffentlicht 05.01.2026 10:15:55
  • Zuletzt bearbeitet 26.01.2026 15:07:47

In the backup parameters, a user with high privilege is able to concatenate custom instructions to the backup setup. Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Centreon Infra Monitoring...

5.3

CVE-2025-12519

  • EPSS 0.01%
  • Veröffentlicht 05.01.2026 10:15:08
  • Zuletzt bearbeitet 26.01.2026 15:08:32

Missing Authorization vulnerability in Centreon Infra Monitoring (Administration parameters API endpoint modules) allows Accessing Functionality Not Properly Constrained by ACLs, resulting in Information Disclosure like downtime or acknowledgement co...

4.8

CVE-2025-13056

  • EPSS 0.01%
  • Veröffentlicht 05.01.2026 10:10:35
  • Zuletzt bearbeitet 26.01.2026 15:09:10

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Administration ACL menu configuration modules) allows Stored XSS to users with high privileges. This issue affe...

4.8

CVE-2025-54890

  • EPSS 0.01%
  • Veröffentlicht 22.12.2025 11:07:28
  • Zuletzt bearbeitet 26.01.2026 14:05:50

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Hostgroup configuration page) allows Stored XSS by users with elevated privileges.This issue affects Infra Monit...

4.8

CVE-2025-10023

  • EPSS 0.01%
  • Veröffentlicht 27.10.2025 15:07:21
  • Zuletzt bearbeitet 26.01.2026 14:02:33

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Services Meta-services modules) allows Stored XSS by users with elevated privileges.This issue affects Infra Mon...

5.4

CVE-2025-8459

  • EPSS 0.01%
  • Veröffentlicht 14.10.2025 18:15:37
  • Zuletzt bearbeitet 22.10.2025 14:09:29

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Monitoring recurrent downtime scheduler modules) allows Stored XSS.This issue affects Infra Monitoring: from 24.10...

4.8

CVE-2025-8430

  • EPSS 0.01%
  • Veröffentlicht 14.10.2025 16:54:43
  • Zuletzt bearbeitet 22.10.2025 14:10:20

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (Commands Connectors configuration modules) allows Stored XSS by users with elevated privileges. This issue affe...

4.8

CVE-2025-8429

  • EPSS 0.01%
  • Veröffentlicht 14.10.2025 15:29:56
  • Zuletzt bearbeitet 22.10.2025 14:02:24

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Centreon Infra Monitoring (ACL Action access configuration modules) allows Stored XSS by users with elevated privileges. This issue affec...