SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the Visible name field during the autoremoval process. An attacker can execute arbitrary SQL commands by injecting malicious input into this field. Remediation Upgrade zabbix/zabbix to version 6.0.34, 6.4.19, 7.0.4 or...

Linux Distros Unpatched Vulnerability : CVE-2021-46088

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS is vulnerable to Remote Code Execution RCE. Any user with the Zabbix Admin role is able to run custom shell script on the...

Zabbix 安全漏洞

Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring. A security vulnerability exists in Zabbix versions 6.0.30, 6.4.15, and 7.0.0 that stems from a user being able to directly modify memory...

SUSE CVE-2021-46088

Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS is vulnerable to Remote Code Execution RCE. Any user with the "Zabbix Admin" role is able to run custom shell script on the application server in the context of the application user...

DEBIAN-CVE-2016-10742

Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter...

UBUNTU-CVE-2014-1685

The Frontend in Zabbix before 1.8.20rc2, 2.0.x before 2.0.11rc2, and 2.2.x before 2.2.2rc1 allows remote "Zabbix Admin" users to modify the media of arbitrary users via unspecified vectors...