VYPR

Centreon Enterprise Server

by Centreon

Source repositories

CVEs (2)

  • CVE-2014-3829Oct 23, 2014
    risk 0.02cvss epss 0.81

    displayServiceStatus.php in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3) allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) session_id or (2) template_id parameter, related to the command_line variable.

  • CVE-2014-3828Oct 23, 2014
    risk 0.02cvss epss 0.73

    Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3) allow remote attackers to execute arbitrary SQL commands via (1) the index_id parameter to views/graphs/common/makeXML_ListMetrics.php, (2) the sid parameter…