{"url":"http://public2.vulnerablecode.io/api/packages/76299?format=json","purl":"pkg:composer/centreon/centreon@18.0.0","type":"composer","namespace":"centreon","name":"centreon","version":"18.0.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"18.10.6","latest_non_vulnerable_version":"22.10.15","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52059?format=json","vulnerability_id":"VCID-3r3w-7vvv-kye4","summary":"Cross-site Scripting\nCentreon allows XSS via `myAccount` alias and `name` fields.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16195","reference_id":"","reference_type":"","scores":[{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20532","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20605","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20592","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20551","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20483","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20491","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16195"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16195","reference_id":"CVE-2019-16195","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16195"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58559?format=json","purl":"pkg:composer/centreon/centreon@18.10.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@18.10.8"},{"url":"http://public2.vulnerablecode.io/api/packages/58560?format=json","purl":"pkg:composer/centreon/centreon@19.4.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@19.4.5"}],"aliases":["CVE-2019-16195"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3r3w-7vvv-kye4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52641?format=json","vulnerability_id":"VCID-3zzf-hf31-c3ed","summary":"Information Exposure\nCentreon exposes Session IDs in server responses.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10945","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13075","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13053","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13022","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13158","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13154","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13117","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10945"},{"reference_url":"https://github.com/centreon/centreon","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/centreon/centreon"},{"reference_url":"https://github.com/centreon/centreon-archived/commit/02a3248602ce194fbb098af34be4652565db2468","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/centreon/centreon-archived/commit/02a3248602ce194fbb098af34be4652565db2468"},{"reference_url":"https://github.com/centreon/centreon-archived/commit/1c14a8ee07225836bdd2ca480e47a63070a11bb9","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/centreon/centreon-archived/commit/1c14a8ee07225836bdd2ca480e47a63070a11bb9"},{"reference_url":"https://github.com/centreon/centreon-archived/commit/afa0ee6d43d22860ae435163559912696569fc2f","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/centreon/centreon-archived/commit/afa0ee6d43d22860ae435163559912696569fc2f"},{"reference_url":"https://github.com/centreon/centreon-archived/commit/fbee38536960eecaf52eda2bf31b90859c018b66","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/centreon/centreon-archived/commit/fbee38536960eecaf52eda2bf31b90859c018b66"},{"reference_url":"https://github.com/centreon/centreon-archived/pull/8291","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/centreon/centreon-archived/pull/8291"},{"reference_url":"https://web.archive.org/web/20200625084841/https://sysdream.com/news/lab/2020-05-13-cve-2020-10945-centreon-session-id-exposure","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200625084841/https://sysdream.com/news/lab/2020-05-13-cve-2020-10945-centreon-session-id-exposure"},{"reference_url":"https://web.archive.org/web/20200625084841/https://sysdream.com/news/lab/2020-05-13-cve-2020-10945-centreon-session-id-exposure/","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20200625084841/https://sysdream.com/news/lab/2020-05-13-cve-2020-10945-centreon-session-id-exposure/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10945","reference_id":"CVE-2020-10945","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10945"},{"reference_url":"https://github.com/advisories/GHSA-h5qv-p378-3hhr","reference_id":"GHSA-h5qv-p378-3hhr","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h5qv-p378-3hhr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77402?format=json","purl":"pkg:composer/centreon/centreon@18.10.11","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@18.10.11"},{"url":"http://public2.vulnerablecode.io/api/packages/77403?format=json","purl":"pkg:composer/centreon/centreon@19.4.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@19.4.10"},{"url":"http://public2.vulnerablecode.io/api/packages/77404?format=json","purl":"pkg:composer/centreon/centreon@19.10.7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@19.10.7"}],"aliases":["CVE-2020-10945","GHSA-h5qv-p378-3hhr"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3zzf-hf31-c3ed"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40451?format=json","vulnerability_id":"VCID-4bh1-cyu7-6uam","summary":"Centreon allows SQL Injection via the `main.php` `searchH` parameter.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19271","reference_id":"","reference_type":"","scores":[{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51594","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51581","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51562","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51549","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51609","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51616","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19271"},{"reference_url":"https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10/centreon-18.10.0.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10/centreon-18.10.0.html"},{"reference_url":"https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8/centreon-2.8.28.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8/centreon-2.8.28.html"},{"reference_url":"https://github.com/centreon/centreon-archived/pull/6625","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/centreon/centreon-archived/pull/6625"},{"reference_url":"http://www.rootlabs.com.br/authenticated-sql-injection-in-centreon-3-4-x","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.rootlabs.com.br/authenticated-sql-injection-in-centreon-3-4-x"},{"reference_url":"http://www.rootlabs.com.br/authenticated-sql-injection-in-centreon-3-4-x/","reference_id":"","reference_type":"","scores":[],"url":"http://www.rootlabs.com.br/authenticated-sql-injection-in-centreon-3-4-x/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19271","reference_id":"CVE-2018-19271","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19271"},{"reference_url":"https://github.com/advisories/GHSA-79hg-357g-rrgv","reference_id":"GHSA-79hg-357g-rrgv","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-79hg-357g-rrgv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77401?format=json","purl":"pkg:composer/centreon/centreon@18.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3zzf-hf31-c3ed"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@18.10.0"},{"url":"http://public2.vulnerablecode.io/api/packages/55936?format=json","purl":"pkg:composer/centreon/centreon@18.10.6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@18.10.6"}],"aliases":["CVE-2018-19271","GHSA-79hg-357g-rrgv"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4bh1-cyu7-6uam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52311?format=json","vulnerability_id":"VCID-aaem-ywm2-a7au","summary":"A SQL Injection vulnerability exists in `include/monitoring/status/Hosts/xml/hostXML.php` and could be exploited via the `instance` parameter.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17647","reference_id":"","reference_type":"","scores":[{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22001","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22084","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.2207","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22022","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21965","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21974","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17647"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17647","reference_id":"CVE-2019-17647","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17647"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58559?format=json","purl":"pkg:composer/centreon/centreon@18.10.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@18.10.8"},{"url":"http://public2.vulnerablecode.io/api/packages/58560?format=json","purl":"pkg:composer/centreon/centreon@19.4.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@19.4.5"},{"url":"http://public2.vulnerablecode.io/api/packages/76819?format=json","purl":"pkg:composer/centreon/centreon@19.10.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@19.10.2"}],"aliases":["CVE-2019-17647"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aaem-ywm2-a7au"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40455?format=json","vulnerability_id":"VCID-b675-z44g-byfs","summary":"Centreon allows SQL Injection via the `searchVM` parameter.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19312","reference_id":"","reference_type":"","scores":[{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33723","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33802","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33777","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33811","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33844","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33829","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19312"},{"reference_url":"https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10/centreon-18.10.0.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10/centreon-18.10.0.html"},{"reference_url":"https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8/centreon-2.8.24.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8/centreon-2.8.24.html"},{"reference_url":"https://github.com/centreon/centreon-archived/pull/6257","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/centreon/centreon-archived/pull/6257"},{"reference_url":"https://github.com/centreon/centreon-archived/pull/6628","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/centreon/centreon-archived/pull/6628"},{"reference_url":"http://www.roothc.com.br/1349-2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.roothc.com.br/1349-2"},{"reference_url":"http://www.roothc.com.br/1349-2/","reference_id":"","reference_type":"","scores":[],"url":"http://www.roothc.com.br/1349-2/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19312","reference_id":"CVE-2018-19312","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19312"},{"reference_url":"https://github.com/advisories/GHSA-5jxp-4x68-mhqc","reference_id":"GHSA-5jxp-4x68-mhqc","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5jxp-4x68-mhqc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77401?format=json","purl":"pkg:composer/centreon/centreon@18.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3zzf-hf31-c3ed"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@18.10.0"},{"url":"http://public2.vulnerablecode.io/api/packages/55936?format=json","purl":"pkg:composer/centreon/centreon@18.10.6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@18.10.6"}],"aliases":["CVE-2018-19312","GHSA-5jxp-4x68-mhqc"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b675-z44g-byfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52313?format=json","vulnerability_id":"VCID-bvm5-7nu4-2qer","summary":"Information Exposure\nUnauthenticated users could access sensitive information by issuing a direct request to `api/external.php?object=centreon_metric&action=listByService`.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17646","reference_id":"","reference_type":"","scores":[{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17569","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17647","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17641","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17608","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17528","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17544","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17646"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17646","reference_id":"CVE-2019-17646","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17646"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58559?format=json","purl":"pkg:composer/centreon/centreon@18.10.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@18.10.8"},{"url":"http://public2.vulnerablecode.io/api/packages/58560?format=json","purl":"pkg:composer/centreon/centreon@19.4.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@19.4.5"},{"url":"http://public2.vulnerablecode.io/api/packages/76819?format=json","purl":"pkg:composer/centreon/centreon@19.10.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@19.10.2"}],"aliases":["CVE-2019-17646"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bvm5-7nu4-2qer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52314?format=json","vulnerability_id":"VCID-fa2z-2rzx-hyd1","summary":"Cross-Site Request Forgery (CSRF)\nThe Autodiscovery plugin of Centreon allows CSRF with remote command execution via shell metacharacters through a POST request to `centreon-autodiscovery-server/views/scan/ajax/call.php`.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17642","reference_id":"","reference_type":"","scores":[{"value":"0.0028","scoring_system":"epss","scoring_elements":"0.51653","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0028","scoring_system":"epss","scoring_elements":"0.51713","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0028","scoring_system":"epss","scoring_elements":"0.5172","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0028","scoring_system":"epss","scoring_elements":"0.51697","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0028","scoring_system":"epss","scoring_elements":"0.51665","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0028","scoring_system":"epss","scoring_elements":"0.51684","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17642"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17642","reference_id":"CVE-2019-17642","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17642"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58559?format=json","purl":"pkg:composer/centreon/centreon@18.10.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@18.10.8"},{"url":"http://public2.vulnerablecode.io/api/packages/58269?format=json","purl":"pkg:composer/centreon/centreon@19.4.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@19.4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/76465?format=json","purl":"pkg:composer/centreon/centreon@19.10.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@19.10.1"}],"aliases":["CVE-2019-17642"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fa2z-2rzx-hyd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40454?format=json","vulnerability_id":"VCID-fq3k-tpny-f3b1","summary":"Cross-site Scripting\nCentreon allows XSS via the Service field to the URI.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19311","reference_id":"","reference_type":"","scores":[{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25786","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25895","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25791","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25793","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25843","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25887","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19311"},{"reference_url":"https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10/centreon-18.10.0.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10/centreon-18.10.0.html"},{"reference_url":"https://github.com/centreon/centreon-archived/pull/6632","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/centreon/centreon-archived/pull/6632"},{"reference_url":"http://www.roothc.com.br/1349-2","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.roothc.com.br/1349-2"},{"reference_url":"http://www.roothc.com.br/1349-2/","reference_id":"","reference_type":"","scores":[],"url":"http://www.roothc.com.br/1349-2/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19311","reference_id":"CVE-2018-19311","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19311"},{"reference_url":"https://github.com/advisories/GHSA-8vh5-j6xj-5953","reference_id":"GHSA-8vh5-j6xj-5953","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8vh5-j6xj-5953"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77401?format=json","purl":"pkg:composer/centreon/centreon@18.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3zzf-hf31-c3ed"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@18.10.0"},{"url":"http://public2.vulnerablecode.io/api/packages/55936?format=json","purl":"pkg:composer/centreon/centreon@18.10.6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@18.10.6"}],"aliases":["CVE-2018-19311","GHSA-8vh5-j6xj-5953"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fq3k-tpny-f3b1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52312?format=json","vulnerability_id":"VCID-j96e-5q47-ubas","summary":"Information Exposure\nUnauthenticated users could access sensitive information by issuing a direct request to `include/configuration/configObject/service/refreshMacroAjax.php`.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17645","reference_id":"","reference_type":"","scores":[{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21563","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21642","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21629","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21584","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21525","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21533","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17645"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17645","reference_id":"CVE-2019-17645","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17645"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/76821?format=json","purl":"pkg:composer/centreon/centreon@18.10.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@18.10.9"},{"url":"http://public2.vulnerablecode.io/api/packages/76822?format=json","purl":"pkg:composer/centreon/centreon@19.4.6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@19.4.6"},{"url":"http://public2.vulnerablecode.io/api/packages/76823?format=json","purl":"pkg:composer/centreon/centreon@19.10.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@19.10.3"}],"aliases":["CVE-2019-17645"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j96e-5q47-ubas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40449?format=json","vulnerability_id":"VCID-kukg-nxwy-xyhb","summary":"Centreon allows SNMP trap SQL Injection.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19281","reference_id":"","reference_type":"","scores":[{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.40997","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41024","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41014","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41045","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41076","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00193","scoring_system":"epss","scoring_elements":"0.41073","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19281"},{"reference_url":"https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10/centreon-18.10.0.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10/centreon-18.10.0.html"},{"reference_url":"https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8/centreon-2.8.27.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8/centreon-2.8.27.html"},{"reference_url":"https://github.com/centreon/centreon-archived/pull/6627","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/centreon/centreon-archived/pull/6627"},{"reference_url":"https://github.com/centreon/centreon-archived/pull/7069","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/centreon/centreon-archived/pull/7069"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19281","reference_id":"CVE-2018-19281","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-19281"},{"reference_url":"https://github.com/advisories/GHSA-w2xf-4gg9-87wr","reference_id":"GHSA-w2xf-4gg9-87wr","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w2xf-4gg9-87wr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77401?format=json","purl":"pkg:composer/centreon/centreon@18.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3zzf-hf31-c3ed"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@18.10.0"},{"url":"http://public2.vulnerablecode.io/api/packages/55936?format=json","purl":"pkg:composer/centreon/centreon@18.10.6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@18.10.6"}],"aliases":["CVE-2018-19281","GHSA-w2xf-4gg9-87wr"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kukg-nxwy-xyhb"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/centreon/centreon@18.0.0"}