centreon/centreon is vulnerable to sql injection attacks. The vulnerability exists in dbResult
parameter in DB-Func.php
because the user provided inputs are not properly validated which allows an attacker to inject and execute arbitrary sql commands.
github.com/advisories/GHSA-25gv-wg6f-6frp
github.com/centreon/centreon/commit/0f72f146eedabf7883d84e5ea90a6d74fff558a6
github.com/centreon/centreon/commit/1a6ee0e9a003ac4f07dc8c370aec6e8911279358
github.com/centreon/centreon/commit/60b0e9c90ee75192b8e9b933751b73256fa2df79
github.com/centreon/centreon/commit/cd2b97fb4222ea7cd790b9d7e3ab2d22718a51cc
github.com/centreon/centreon/pull/11251
github.com/centreon/centreon/releases
github.com/centreon/centreon/releases/tag/22.04.1
www.hakaioffensivesecurity.com/centreon-sqli-and-xss-vulnerability/