3 matches found
CVE-2010-1277
SQL injection vulnerability in the user.authenticate method in the API in Zabbix 1.8 before 1.8.2 allows remote attackers to execute arbitrary SQL commands via the user parameter in JSON data to apijsonrpc.php...
CVE-2010-1277
SQL injection vulnerability in the user.authenticate method in the API in Zabbix 1.8 before 1.8.2 allows remote attackers to execute arbitrary SQL commands via the user parameter in JSON data to apijsonrpc.php...
CVE-2010-1277
Zabbix 1.8.x before 1.8.2 is affected by an SQL injection in the API’s user.authenticate via the JSON payload to api_jsonrpc.php. The issue allows remote attackers to execute arbitrary SQL commands. Per connected advisories, upgrade to the latest Zabbix package (Gentoo GLSA 201311-15 recommends &...