Lucene search

K

PRIOn knowledge basePRION:CVE-2012-3435

HistoryAug 15, 2012 - 8:55 p.m.

Sql injection

2012-08-1520:55:00

PRIOn knowledge base

www.prio-n.com

3

8.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

64.5%

SQL injection vulnerability in frontends/php/popup_bitem.php in Zabbix 1.8.15rc1 and earlier, and 2.x before 2.0.2rc1, allows remote attackers to execute arbitrary SQL commands via the itemid parameter.

CPENameOperatorVersion
zabbixeq1.6.1
zabbixeq2.0.1 rc2
zabbixeq2.0.0
zabbixeq1.1 beta2
zabbixeq1.1.2
zabbixeq2.0.0 rc1
zabbixeq1.7.4
zabbixeq1.5.3 beta
zabbixeq1.1.4
zabbixeq1.1.6

Rows per page:

1-10 of 701

References

git.zabbixzone.com/zabbix2.0/.git/commitdiff/333a3a5542ba8a2c901c24b7bf5440f41f1f4f54

osvdb.org/84127

secunia.com/advisories/49809

secunia.com/advisories/50475

www.debian.org/security/2012/dsa-2539

www.openwall.com/lists/oss-security/2012/07/27/6

www.openwall.com/lists/oss-security/2012/07/28/3

www.securityfocus.com/bid/54661

exchange.xforce.ibmcloud.com/vulnerabilities/77195

support.zabbix.com/browse/ZBX-5348

www.exploit-db.com/exploits/20087

8.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

64.5%

Related for PRION:CVE-2012-3435

openvas7 fedora2 ubuntucve1 debiancve1 nessus5 cvelist1 dsquare1 securityvulns2 debian1 cve1 gentoo1