centreon/centreon is vulnerable to SQL Injection attacks. A specifically crafted statement through the cg_id
parameter in formContactGroup.php
, allows a remote authenticated attacker to inject and execute arbitrary SQL queries on the target system.