GCVE - cpe:2.3:a:centreon:centreon:1.4.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:centreon:centreon:1.4.1:*:*:*:*:*:*:*

part: a version: 1.4.1 update: *

Vendor	Centreon (`e01a1192-018f-55df-98f2-b9707fac306d`)
Product	Centreon (`df868b4a-5b4d-57ce-b7fd-3c898153f558`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/centreon/centreon`	purl2cpe	2026-06-01 10:10:56.309477

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2008-1179`	vulnerable	2026-06-03 14:28:39.619801	Details available Multiple cross-site scripting (XSS) vulnerabilities in include/common/javascript/color_picker.php in Centreon 1.4.2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) title parameters. NOTE: some of these details are obtained from third party information. Published: 2008-03-06T00:00:00.000Z Updated: 2024-08-07T08:08:57.828Z Open on db.gcve.eu Reference links http://secunia.com/advisories/29158 http://www.centreon.com/Product/Changelog-Centreon-1.4.x.html http://www.securityfocus.com/bid/28043 https://exchange.xforce.ibmcloud.com/vulnerabilities/40924	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-1178`	vulnerable	2026-06-03 14:28:39.619401	Details available Directory traversal vulnerability in include/doc/index.php in Centreon 1.4.2.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter, a different vector than CVE-2008-1119. Published: 2008-03-06T00:00:00.000Z Updated: 2024-08-07T08:08:57.708Z Open on db.gcve.eu Reference links http://www.securityfocus.com/archive/1/488956/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/40950 http://www.securityfocus.com/bid/28052 http://secunia.com/advisories/29158 http://securityreason.com/securityalert/3715	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-1119`	vulnerable	2026-06-03 14:28:39.148738	Details available Directory traversal vulnerability in include/doc/get_image.php in Centreon 1.4.2.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter. Published: 2008-03-03T22:00:00.000Z Updated: 2024-08-07T08:08:57.699Z Open on db.gcve.eu Reference links http://www.centreon.com/Product/Changelog-Centreon-1.4.x.html https://www.exploit-db.com/exploits/5204 http://www.securityfocus.com/bid/28022	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-6485`	vulnerable	2026-06-03 14:28:29.758399	Details available Multiple PHP remote file inclusion vulnerabilities in Centreon 1.4.1 (aka Oreon 1.4) allow remote attackers to execute arbitrary PHP code via a URL in the fileOreonConf parameter to (1) MakeXML.php or (2) MakeXML4statusCounter.php in include/monitoring/engine/. Published: 2007-12-20T20:00:00.000Z Updated: 2024-08-07T16:11:06.030Z Open on db.gcve.eu Reference links http://www.osvdb.org/39227 https://www.exploit-db.com/exploits/4735 http://www.osvdb.org/39226 https://exchange.xforce.ibmcloud.com/vulnerabilities/39065 http://secunia.com/advisories/28112	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.