mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-30 00:49:28 +02:00
0xMarcio
1.4 KiB
1.4 KiB
CVE-2025-3872
&color=brightgreen)
Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Centreon centreon-web (User configuration form modules) allows SQL Injection.A user with high privileges is able to become administrator by intercepting the contact form request and altering its payload.This issue affects Centreon: from 22.10.0 before 22.10.28, from 23.04.0 before 23.04.25, from 23.10.0 before 23.10.20, from 24.04.0 before 24.04.10, from 24.10.0 before 24.10.4.
POC
Reference
No PoCs from references.