Centreon and Centreon Enterprise Server are prone to multiple SQL- injection vulnerabilities.
A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Updates are available
Centreon fails to sufficiently sanitize user-supplied data.
The following products are vulnerable: Centreon 2.5.1 and prior versions Centreon Enterprise Server 2.2 and prior versions
Send a special crafted HTTP GET request and check the response.