CVE-2018-11589: SQL Injection

June 25, 2018 (updated August 28, 2018)

Multiple SQL injection vulnerabilities in Centreon including Centreon Web allow attacks via the searchU parameter in viewLogs.php, the id parameter in GetXmlHost.php, the chartId parameter in ExportCSVServiceData.php, the searchCurve parameter in listComponentTemplates.php, or the host_id parameter in makeXML_ListMetrics.php.

References

nvd.nist.gov/vuln/detail/CVE-2018-11589

Code Behaviors & Features

Detect and mitigate CVE-2018-11589 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →