CVE-2011-4431 Information

Description

Directory traversal vulnerability in main.php in Merethis Centreon before 2.3.2 allows remote authenticated users to execute arbitrary commands via a .. (dot dot) in the command_name parameter.

Reference

http://securityreason.com/securityalert/8530 https://www.trustwave.com/spiderlabs/advisories/TWSL2011-017.txt