Merethis Centreon < 2.3.2 - Authenticated Path Traversal via Command Name Parameter
Directory traversal vulnerability in main.php in Merethis Centreon before 2.3.2 allows remote authenticated users to execute arbitrary commands via a .. (dot dot) in the command_name parameter.