Centreon (Merethis Centreon) is a set of open source system monitoring tools from the French company Centreon . A SQL injection vulnerability exists in Centreon v20.10.18, which stems from the esc_name (Escalation Name) parameter of its Configuration/Notifications/Escalations component Lack of validation of externally entered SQL statements. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.