Lucene search
PRIOn knowledge basePRION:CVE-2010-1277HistoryApr 06, 2010 - 4:30 p.m.
Sql injection
2010-04-0616:30:00
PRIOn knowledge base
www.prio-n.com
1
SQL injection vulnerability in the user.authenticate method in the API in Zabbix 1.8 before 1.8.2 allows remote attackers to execute arbitrary SQL commands via the user parameter in JSON data to api_jsonrpc.php.
References
archives.neohapsis.com/archives/fulldisclosure/2010-04/0001.html
legalhackers.com/advisories/zabbix181api-sql.txt
legalhackers.com/poc/zabbix181api.pl-poc
secunia.com/advisories/39119
www.osvdb.org/63456
www.securityfocus.com/archive/1/510480/100/0/threaded
www.securityfocus.com/bid/39148
www.vupen.com/english/advisories/2010/0799
www.zabbix.com/rn1.8.2.php
Related
cve
cve
CVE-2010-1277
2010-04-06 16:30:00
CVE-2010-1144
2022-10-03 16:21:01
cvelist
cvelist
CVE-2010-1277
2010-04-06 16:00:00
debiancve
debiancve
CVE-2010-1277
2010-04-06 16:30:00
ubuntucve
ubuntucve
CVE-2010-1277
2010-04-06 00:00:00
openvas
openvas
Zabbix < 1.8.2 SQLi Vulnerability
2010-04-12 00:00:00
Gentoo Security Advisory GLSA 201311-15
2015-09-29 00:00:00
nvd
nvd
CVE-2010-1277
2010-04-06 16:30:00
CVE-2010-1144
2010-04-06 16:30:00
prion
prion
Design/Logic Flaw
2010-04-06 16:30:00
nessus
nessus
GLSA-201311-15 : Zabbix: Multiple vulnerabilities
2013-11-26 00:00:00
gentoo
gentoo
Zabbix: Multiple vulnerabilities
2013-11-25 00:00:00