exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 35 RSS Feed

Files

Centreon 2.3.x SQL Injection
Posted Dec 13, 2012
Authored by modpr0be

Centreon versions 2.3.3 through 2.3.9-4 menuXML.php remote blind SQL injection exploit.

tags | exploit, remote, php, sql injection
advisories | CVE-2012-5967
SHA-256 | d04b644c764a41f28eca2c71a041e69645a678273c302fafa28bfe8fac2f9c4a

Related Files

Centreon 23.10-1.el8 SQL Injection
Posted Apr 16, 2024
Authored by Cody Sixteen | Site code610.blogspot.com

Centreon version 23.10-1.el8 suffers from a remote authenticated SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ccd137a9553629c65cb1fcc131008c98cf86b7038c922afa5586765db2092434
Centreon 22.04.0 Cross Site Scripting
Posted Oct 1, 2022
Authored by syad

Centreon version 22.04.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2022-39988
SHA-256 | 69cf7baade94fd5e803782c07bbd53d7ff5f985beb2b08f0768155d0e8d0e38f
Centreon 22.04.0 Cross Site Scripting
Posted Aug 25, 2022
Authored by yunaranyancat, syad, saitamang

Centreon version 22.04.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2022-36194
SHA-256 | 3d70a278906238ba02b36becf352ebf454b3dd1b330a5747bf3dbac98c1a8336
Centreon 19.10.5 SQL Injection
Posted Apr 20, 2020
Authored by Basim Alabdullah

Centreon version 19.10.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | fb916a523ec5469527b4b72b517e8d57e05cff77e14901ef3c3fc8c27405bbcc
Centreon 19.11 SQL Injection
Posted Apr 9, 2020
Authored by Cody Sixteen

Centreon version 19.11 post authentication acl_res_name parameter remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 26ddd5ca918503c36714484e708d799c5b8b0c860297a0d6fef820a51abd2fdc
Centreon 19.10-3.el7 SQL Injection
Posted Apr 8, 2020
Authored by Cody Sixteen

This is a whitepaper tutorial that describes steps taken to identify post-authentication remote SQL injection vulnerabilities in Centreon version 19.10-3.el7.

tags | exploit, paper, remote, vulnerability, sql injection
SHA-256 | 02221a056ccb54bfaed855a9ef6741e6737b01e06fc5841d931b5745c69e5e8b
Centreon Poller Authenticated Remote Command Execution
Posted Mar 18, 2020
Authored by mekhalleh, Fabien Aunay, Omri Baso | Site metasploit.com

This Metasploit module exploits a flaw where an authenticated user with sufficient administrative rights to manage pollers can use this functionality to execute arbitrary commands remotely. Usually, the miscellaneous commands are used by the additional modules (to perform certain actions), by the scheduler for data processing, etc. This module uses this functionality to obtain a remote shell on the target.

tags | exploit, remote, arbitrary, shell
SHA-256 | 4fc454b9a7db2a27a465a12d5f364a39e3ac7dba6dcd7fc3801635b21c08d5b6
Centreon 19.10.5 Pollers Remote Command Execution
Posted Feb 4, 2020
Authored by Ramella Sebastien, Fabien Aunay, Omri Baso | Site metasploit.com

This Metasploit module exploits a Centreon version 19.10.5 Pollers remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 3823f489d80ba96f9daa51e9c9ad49970827297fc04995a65e690613f8eb0684
Centreon 19.10.5 Remote Command Execution
Posted Jan 29, 2020
Authored by Fabien Aunay, Omri Baso

Centreon version 19.10.5 suffers from a Pollers remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 824b22c2f352d66d1fac5582a1d6e01a40daed3d2d240e0e289674e34e783629
Centreon 19.10.5 Remote Command Execution
Posted Jan 29, 2020
Authored by Fabien Aunay, Omri Baso

Centreon version 19.10.5 suffers from a centreontrapd remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 04324f51cee387f1f74eb254c7e283bedc63a9863560d41a110278c3b9393862
Centreon 19.10.5 Remote Command Execution
Posted Jan 28, 2020
Authored by Fabien Aunay, Omri Baso

Centreon version 19.10.5 suffers from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 030cbc7db120adeefb9decf4ed1426aeca2c73286c9d115a1f53d790e4e5f8ed
Centreon 19.10.5 Credential Disclosure
Posted Jan 28, 2020
Authored by Fabien Aunay, Omri Baso

Centreon version 19.10.5 suffers from a database credential disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | af96c61510aefc06361e0fc409d2e6716ceaaa9f3a8292aff4fababf2d56ec14
Centreon 19.04 Remote Code Execution
Posted Jan 20, 2020
Authored by enjloezz, TheCyberGeek | Site metasploit.com

This Metasploit module exploits an authenticated remote code execution vulnerability in Centreon version 19.04.

tags | exploit, remote, code execution
advisories | CVE-2019-16405
SHA-256 | 510a1c2d96045f19207e2336a64b219e4a23437cb33077b85cd5bbdb429d74d9
Centreon 19.04 Remote Code Execution
Posted Jul 2, 2019
Authored by Askar

Centreon version 19.04 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-13024
SHA-256 | 52b458e04b9294cc2f6308ac2372b6641e658acfb4213ccb6f2dbaacaf7fbb5d
Centreon Web Interface 2.5.3 Command Execution
Posted Jul 27, 2016
Authored by h00die, Nicolas Chatelain | Site metasploit.com

Centreon Web Interface versions 2.5.3 and below utilize an ECHO for logging SQL errors. This functionality can be abused for arbitrary code execution, and can be triggered via the login screen prior to authentication.

tags | exploit, web, arbitrary, code execution
SHA-256 | 5c09582d8455d486f9a8b546afc64ba7e1c0033c02c90405893cf9e6a8d35f16
Centreon 2.5.3 Code Execution
Posted Feb 26, 2016
Authored by Nicolas Chatelain

Centreon versions 2.5.3 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 3c4451947909782cb24cf03b689934f5d565641465aa23686ec6df8df29ff586
Centreon 2.6.1 Persistent Cross Site Scripting
Posted Sep 29, 2015
Authored by LiquidWorm | Site zeroscience.mk

Centreon version 2.6.1 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6681b871f00d7c1d0d12d5de3f5e49d61b5ac631bdcefc4a0db93c3a54e96145
Centreon 2.6.1 Command Injection
Posted Sep 28, 2015
Authored by LiquidWorm | Site zeroscience.mk

Centreon version 2.6.1 suffers from a command injection vulnerability. The POST parameter 'persistant' which serves for making a new service run in the background is not properly sanitized before being used to execute commands. This can be exploited to inject and execute arbitrary shell commands as well as using cross site request forgery attacks.

tags | exploit, arbitrary, shell, csrf
SHA-256 | de65336a8a68b4177f682854c6416feedbbf44c0a5ff31835c174e78d0ac4037
Centreon 2.6.1 Add Administrator Cross Site Request Forgery
Posted Sep 28, 2015
Authored by LiquidWorm | Site zeroscience.mk

Centreon version 2.6.1 add administrator cross site request forgery exploit.

tags | exploit, csrf
SHA-256 | fb7aeb82618878ab24c9f5c4140479064eb157f08ed35e744bf8bc3096f3f188
Centreon 2.6.1 Shell Upload
Posted Sep 28, 2015
Authored by LiquidWorm | Site zeroscience.mk

Centreon version 2.6.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | d6f7d3dc2b9d187d9f488cbf0e34984b389cdb34f36401b172e21e70df766956
Merethis Centreon 2.5.4 SQL Injection / Remote Command Execution
Posted Jul 8, 2015
Authored by DAU Huy Ngoc

Merethis Centreon versions 2.5.4 and below suffer from remote SQL injection and command execution vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2015-1560, CVE-2015-1561
SHA-256 | 33a4b6850bc8efa423b2d9f3dee79ec98c4aad0c75b497867a6a543467abc2bd
Centreon SQL / Command Injection
Posted Oct 23, 2014
Authored by juan vazquez, MaZ | Site metasploit.com

This Metasploit module exploits several vulnerabilities on Centreon 2.5.1 and prior and Centreon Enterprise Server 2.2 and prior. Due to a combination of SQL injection and command injection in the displayServiceStatus.php component, it is possible to execute arbitrary commands as long as there is a valid session registered in the centreon.session table. In order to have a valid session, all it takes is a successful login from anybody. The exploit itself does not require any authentication. This Metasploit module has been tested successfully on Centreon Enterprise Server 2.2.

tags | exploit, arbitrary, php, vulnerability, sql injection
advisories | CVE-2014-3828, CVE-2014-3829
SHA-256 | 8809b442b4ed7e090f87d00c54c5b7bdd1ab5b1b01a8996dfc1c2404ff0bb501
Centreon SQL Injection / Command Injection
Posted Oct 18, 2014
Authored by MaZ

Centreon versions 2.5.2 and below and Centreon Enterprise Server versions 2.2 and below and 3.0 and below suffer from remote SQL injection and remote command injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2014-3828, CVE-2014-3829
SHA-256 | 2bbcd9c0f7916e18957b35abbdb6401cfd1ba1a7514ea9da21386fe29c69f1db
Secunia Security Advisory 51532
Posted Dec 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Spentera has reported a vulnerability in Centreon, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | fd146a512e280bffd0d171ef887d96c6d0d8aca652856fb5ec304bf2f0acb5a1
Merethis Centreon 2.3.1 Code Execution
Posted Nov 8, 2011
Authored by Christophe de la Fuente | Site trustwave.com

The Centreon supervision and monitoring tool provided by Merethis permits remote code execution from the command help web page allowing an attacker to execute arbitrary commands in the context of the webserver hosting the application. The system also uses a one-way hash without a salt. Versions 2.3.1 and below are affected.

tags | exploit, remote, web, arbitrary, code execution
SHA-256 | 8baa1a03e20514db0ebdff56296a1f3d2b0ea0473b7d740b7747c685e31fb6df
Page 1 of 2
Back12Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close