Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Centreon Web 2.8.23 allow attacks via the searchU parameter in viewLogs.php, the id parameter in GetXmlHost.php, the chartId parameter in ExportCSVServiceData.php, the searchCurve parameter in listComponentTemplates.php, or the host_id parameter in makeXML_ListMetrics.php.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-06-25T18:00:00
Updated: 2024-08-05T08:10:14.875Z
Reserved: 2018-05-31T00:00:00
Link: CVE-2018-11589
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-06-25T18:29:00.330
Modified: 2018-08-28T17:14:03.150
Link: CVE-2018-11589
Redhat
No data.