accept no compromises
Showing 1 - 21 of 21 RSS Feed

Files

Centreon 2.5.3 Code Execution
Posted Feb 26, 2016
Authored by Nicolas Chatelain

Centreon versions 2.5.3 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 40b9869aaae9701f0648ec3012fe5f27

Related Files

Centreon Web Interface 2.5.3 Command Execution
Posted Jul 27, 2016
Authored by h00die, Nicolas Chatelain | Site metasploit.com

Centreon Web Interface versions 2.5.3 and below utilize an ECHO for logging SQL errors. This functionality can be abused for arbitrary code execution, and can be triggered via the login screen prior to authentication.

tags | exploit, web, arbitrary, code execution
MD5 | 68342f19a17e66cc296e79e67f86c303
Centreon 2.6.1 Persistent Cross Site Scripting
Posted Sep 29, 2015
Authored by LiquidWorm | Site zeroscience.mk

Centreon version 2.6.1 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | 7223fef091e6e1bd899a9973ee3d8fb7
Centreon 2.6.1 Command Injection
Posted Sep 28, 2015
Authored by LiquidWorm | Site zeroscience.mk

Centreon version 2.6.1 suffers from a command injection vulnerability. The POST parameter 'persistant' which serves for making a new service run in the background is not properly sanitized before being used to execute commands. This can be exploited to inject and execute arbitrary shell commands as well as using cross site request forgery attacks.

tags | exploit, arbitrary, shell, csrf
MD5 | ed1afc21672db6e6d5419984ecce247e
Centreon 2.6.1 Add Administrator Cross Site Request Forgery
Posted Sep 28, 2015
Authored by LiquidWorm | Site zeroscience.mk

Centreon version 2.6.1 add administrator cross site request forgery exploit.

tags | exploit, csrf
MD5 | 1138e1cb51c1767b3a1796a2e6c23530
Centreon 2.6.1 Shell Upload
Posted Sep 28, 2015
Authored by LiquidWorm | Site zeroscience.mk

Centreon version 2.6.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 71a4b274917f301d9cf6e59ae074de13
Merethis Centreon 2.5.4 SQL Injection / Remote Command Execution
Posted Jul 8, 2015
Authored by DAU Huy Ngoc

Merethis Centreon versions 2.5.4 and below suffer from remote SQL injection and command execution vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2015-1560, CVE-2015-1561
MD5 | e4e2f65eb1402f1a8ef34352b7faf89a
Centreon SQL / Command Injection
Posted Oct 23, 2014
Authored by juan vazquez, MaZ | Site metasploit.com

This Metasploit module exploits several vulnerabilities on Centreon 2.5.1 and prior and Centreon Enterprise Server 2.2 and prior. Due to a combination of SQL injection and command injection in the displayServiceStatus.php component, it is possible to execute arbitrary commands as long as there is a valid session registered in the centreon.session table. In order to have a valid session, all it takes is a successful login from anybody. The exploit itself does not require any authentication. This Metasploit module has been tested successfully on Centreon Enterprise Server 2.2.

tags | exploit, arbitrary, php, vulnerability, sql injection
advisories | CVE-2014-3828, CVE-2014-3829
MD5 | 06e1f68541a57638e44b6501b4648cd5
Centreon SQL Injection / Command Injection
Posted Oct 18, 2014
Authored by MaZ

Centreon versions 2.5.2 and below and Centreon Enterprise Server versions 2.2 and below and 3.0 and below suffer from remote SQL injection and remote command injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2014-3828, CVE-2014-3829
MD5 | 0f1fa1e5feebc89d1fd6f473fdeedb13
Centreon 2.3.x SQL Injection
Posted Dec 13, 2012
Authored by modpr0be

Centreon versions 2.3.3 through 2.3.9-4 menuXML.php remote blind SQL injection exploit.

tags | exploit, remote, php, sql injection
advisories | CVE-2012-5967
MD5 | c54a11254bc5911e13270c3b4e825152
Secunia Security Advisory 51532
Posted Dec 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Spentera has reported a vulnerability in Centreon, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | dd9b39f816cbc635d628edd413b5ff08
Merethis Centreon 2.3.1 Code Execution
Posted Nov 8, 2011
Authored by Christophe de la Fuente | Site trustwave.com

The Centreon supervision and monitoring tool provided by Merethis permits remote code execution from the command help web page allowing an attacker to execute arbitrary commands in the context of the webserver hosting the application. The system also uses a one-way hash without a salt. Versions 2.3.1 and below are affected.

tags | exploit, remote, web, arbitrary, code execution
MD5 | a6b0f2282a375e29d3f39931335be4e4
Centreon IT And Network Monitoring 2.1.5 SQL Injection
Posted Apr 1, 2010
Authored by Jonathan Salwan

Centreon IT and Network Monitoring version 2.1.5 remote SQL injection exploit.

tags | exploit, remote, sql injection
MD5 | 27d9cbf8a7ca4f0f791f18039e85a273
Secunia Security Advisory 39236
Posted Mar 31, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Centreon, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 42cf42e713123f1b7c7269eeb37d0b53
Secunia Security Advisory 37808
Posted Dec 17, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Julien Cayssol has reported a vulnerability in Centreon, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | 132c8e08d07caaf975979f69259c228c
Secunia Security Advisory 34127
Posted Mar 4, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Julien CAYSSOL has discovered a vulnerability in Centreon, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 46db8d96a2bc373b059d9b582ad73463
Secunia Security Advisory 34142
Posted Mar 4, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Julien CAYSSOL has discovered a vulnerability in Centreon, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 7e3d49c338a13951fcc319c276e45c7a
centreon1423-disclose.txt
Posted Mar 3, 2008
Authored by JosS | Site spanish-hackers.com

Centreon versions 1.4.2.3 and below suffer from multiple remote file disclosure vulnerabilities.

tags | exploit, remote, vulnerability, info disclosure
MD5 | 05057677fc0bd2cb16cbe13159b883cd
Secunia Security Advisory 29158
Posted Mar 3, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Julien Cayssol has reported some vulnerabilities in Centreon, which can be exploited by malicious people to conduct cross-site scripting attacks or to disclose sensitive information.

tags | advisory, vulnerability, xss
MD5 | be1ea137282acb67747999af03262c7b
centreon-disclose.txt
Posted Feb 28, 2008
Authored by Julien CAYSSOL

Centreon versions 1.4.2.3 and below suffer from a remote file disclosure vulnerability in get_image.php.

tags | exploit, remote, php, info disclosure
MD5 | b184119ee973ba67d5ea86c8c6bffa6c
Secunia Security Advisory 28112
Posted Dec 19, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Michael Brooks has reported some vulnerabilities in Centreon, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | 83ea62a2513b50fddf6d9e6490b6acf4
oreon-rfi.txt
Posted Dec 18, 2007
Authored by Michael Brooks

Oreon version 1.4 and Centreon version 1.4.1 appear to suffer from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
MD5 | 03480e4857cbabc71d36c72b3e5262cc
Page 1 of 1
Back1Next

File Archive:

September 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    5 Files
  • 2
    Sep 2nd
    5 Files
  • 3
    Sep 3rd
    3 Files
  • 4
    Sep 4th
    13 Files
  • 5
    Sep 5th
    16 Files
  • 6
    Sep 6th
    15 Files
  • 7
    Sep 7th
    20 Files
  • 8
    Sep 8th
    16 Files
  • 9
    Sep 9th
    4 Files
  • 10
    Sep 10th
    2 Files
  • 11
    Sep 11th
    15 Files
  • 12
    Sep 12th
    19 Files
  • 13
    Sep 13th
    20 Files
  • 14
    Sep 14th
    38 Files
  • 15
    Sep 15th
    31 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    7 Files
  • 18
    Sep 18th
    15 Files
  • 19
    Sep 19th
    40 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    10 Files
  • 23
    Sep 23rd
    1 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close