Security Advisory

CVE-2015-1560

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-07-14 16:00:00

Last updated 2024-08-06 04:47:17

Assigner mitre

State PUBLISHED

Description

SQL injection vulnerability in the isUserAdmin function in include/common/common-Func.php in Centreon (formerly Merethis Centreon) 2.5.4 and earlier (fixed in Centreon web 2.7.0) allows remote attackers to execute arbitrary SQL commands via the sid parameter to include/common/XmlTree/GetXmlTree.php.

← Browse all CVEs View on cve.org ↗