20 matches found
Zabbix - SQL Injection
Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggleids array parameter in latest.php and perform SQL injection attacks. id: CVE-2016-10134 info: name: Zabbix - SQL Injection author: princechaddha severity: critical description: Zabbix...
SUSE CVE-2020-10134
Pairing in Bluetooth® Core v5.2 and earlier may permit an unauthenticated attacker to acquire credentials with two pairing devices via adjacent access when the unauthenticated user initiates different pairing methods in each peer device and an end-user erroneously completes both pairing procedure...
CVE-2025-10134
creationtimestamp| type| source
---|---|---
2025-09-09 11:04:13+00:00| seen| https://gist.github.com/Darkcrai86/ee83fd3eb338fbfbbeff3131c34cdddf
2025-09-09 13:01:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lyfrmy7wtt2a...
CVE-2025-10134
CVE-2025-10134 affects Goza – Nonprofit Charity WordPress Theme up to version 3.2.2. The flaw is in the alone_import_pack_restore_data() function, where insufficient file path validation allows an unauthenticated attacker to delete arbitrary server files (e.g., wp-config.php), with potential remo...
WordPress Goza Theme 3.2.2 is vulnerable to Arbitrary File Deletion
Software: Goza
Type: Theme
Vulnerable versions: 3.2.2
Fixed in: 3.2.3
OWASP Top 10: A1: Injection
Classification: Arbitrary File Deletion
CVE: CVE-2025-10134
Patch priority: High
CVSS severity: High 8.6
Developer: Claim ownership
PSID: 14b5ad5ea9b5
Credits: Thái An
Required privilege: Unauthenticated
Publishe...
Linux Distros Unpatched Vulnerability : CVE-2020-10134
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Pairing in Bluetooth Core v5.2 and earlier may permit an unauthenticated attacker to acquire credentials with two pairing devices via adjacent access when the...
CVE-2024-10134
creationtimestamp| type| source
---|---|---
2024-10-19 12:59:09+00:00| seen| https://t.me/cvedetector/8358
2024-10-19 15:27:50+00:00| seen| https://t.me/HackerArsenal/565...
CVE-2024-10134 ESAFENET CDG MultiServerAjax.java connectLogout sql injection
A vulnerability was found in ESAFENET CDG 5 and classified as critical. Affected by this issue is the function connectLogout of the file /com/esafenet/servlet/ajax/MultiServerAjax.java. The manipulation of the argument servername leads to sql injection. The attack may be launched remotely. The...
Ubuntu: Security Advisory (USN-4767-1)
The remote host is missing an update for the...
USN-4767-1: Zabbix vulnerabilities
Fu Chuang discovered that Zabbix did not properly parse IPs. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. CVE-2020-11800 It was discovered that Zabbix incorrectly handled certain...
Exploit for SQL Injection in Zabbix
This is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for web application security testing. The primary CVE IDs present in the context are CVE-2016-10134, CVE-2017-2824, and CVE-2020-11800. The target product/service or framework is not explicitly...
Exploit for SQL Injection in Zabbix
This repository is an open-source collection of pre-built vulnerable docker environments, referred to as 'Vulhub'. It is an offensive tool for web application security training and testing. The primary vulnerability class targeted by Vulhub is web application vulnerabilities, including Remote Cod...
Exploit for SQL Injection in Zabbix
This is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for web application security testing. The primary CVEs mentioned in the repository are CVE-2016-10134, CVE-2017-2824, and CVE-2020-11800. The target product/service or framework is not explicitl...
CVE-2020-10134
CVE-2020-10134 affects Bluetooth Core v5.2 and earlier. The vulnerability arises during pairing when an unauthenticated attacker can perform a man-in-the-middle by exploiting users completing two pairing procedures with the MITM using one peer’s confirmation as the other peer’s passkey. This can ...
Moodle <= 3.1.17, 3.4.x <= 3.4.8, 3.5.x <= 3.5.5, 3.6.x <= 3.6.3 Multiple Vulnerabilities
Moodle is prone to multiple vulnerabilities.
CVE-2019-10134
The CVE-2019-10134 entry applies to Moodle installations before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The vulnerability arises from inadequate validation of the size of users’ private file uploads sent via email, allowing quota usage to exceed allocated limits. Impact is limited to quota overruns ...
CVE-2016-10134
creationtimestamp| type| source
---|---|---
2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/zabbixtoggleidssqli.rb
2025-02-06 03:13:42+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd
2025-02-23 04:09:45+00:00| seen|...
CVE-2017-10134
CVE-2017-10134 affects Oracle PeopleSoft Enterprise FSCM (subcomponent: eProcurement) on version 9.2. The vulnerability allows a low-privilege attacker with network access via HTTP to compromise FSCM, requiring user interaction. Successful exploitation can lead to unauthorized update/insert/delet...
[SECURITY] [DSA 3802-1] zabbix security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3802-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 05, 2017 https://www.debian.org/security/faq -...
CVE-2016-10134
Zabbix vulnerability CVE-2016-10134 affects Zabbix <2.2.14 and