Lucene search
K

5 matches found

UbuntuCve
UbuntuCve
added 2010/04/06 4:30 p.m.22 views

CVE-2010-1277

SQL injection vulnerability in the user.authenticate method in the API in Zabbix 1.8 before 1.8.2 allows remote attackers to execute arbitrary SQL commands via the user parameter in JSON data to apijsonrpc.php...

7.5CVSS6.2AI score0.01739EPSS
Exploits1References1
Prion
Prion
added 2010/04/06 4:30 p.m.23 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-0751, CVE-2010-1277. Reason: this candidate was intended for one issue, but it was accidentally assigned to two different issues, one for libnids and another for Zabbix. Notes: All CVE users should consult CVE-2010-0751 libni...

6.6AI score0.03942EPSS
Exploits2
OSV
OSV
added 2010/04/06 4:30 p.m.5 views

CVE-2010-1277

SQL injection vulnerability in the user.authenticate method in the API in Zabbix 1.8 before 1.8.2 allows remote attackers to execute arbitrary SQL commands via the user parameter in JSON data to apijsonrpc.php...

8.5AI score
Exploits0References9
CVE
CVE
added 2010/04/06 4:0 p.m.63 views

CVE-2010-1277

Zabbix 1.8.x before 1.8.2 is affected by an SQL injection in the API’s user.authenticate via the JSON payload to api_jsonrpc.php. The issue allows remote attackers to execute arbitrary SQL commands. Per connected advisories, upgrade to the latest Zabbix package (Gentoo GLSA 201311-15 recommends &...

7.5CVSS8.4AI score0.01739EPSS
Exploits1References9Affected Software1
Debian CVE
Debian CVE
added 2010/04/06 4:0 p.m.28 views

CVE-2010-1277

SQL injection vulnerability in the user.authenticate method in the API in Zabbix 1.8 before 1.8.2 allows remote attackers to execute arbitrary SQL commands via the user parameter in JSON data to apijsonrpc.php...

7.5CVSS7.2AI score0.01739EPSS
Exploits1
Rows per page
Query Builder