The vulnerability description explicitly states that the flaw exists in the updateDirectory function. Although the commit diff shows HTML escaping fixes in listHost.ihtml, the core SQL injection vulnerability would occur in the backend PHP code that handles SQL query construction. The function name 'updateDirectory' matches the vulnerability description, and the CWE-89 classification confirms that this is an SQL injection issue. The high confidence comes from the explicit mention of updateDirectory in all vulnerability reports, even though the exact vulnerable code is not visible in the provided diffs.

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| centreon/centreon | composer | < 22.10.15 | 22.10.15 |