Lucene search
+L

4 matches found

CNVD
CNVD
added 2022/02/10 12:0 a.m.32 views

Zabbix Sia Zabbix has an unspecified vulnerability (CNVD-2022-11529)

Zabbix Sia Zabbix is an open source monitoring system from the Latvian company Zabbix SIA Zabbix Sia. Zabbix 4.0 LTS, 4.2, 4.4 and 5.0 LTS versions are vulnerable due to a lack of filtering and escaping of user submitted command parameters. Any user with the "Zabbix Administrator" role can run a...

7.2CVSS2.6AI score0.04036EPSS
Exploits1References1
CNVD
CNVD
added 2022/01/17 12:0 a.m.33 views

Zabbix Sia Zabbix has an unspecified vulnerability

Zabbix Sia Zabbix is an open source monitoring system from the Latvian company Zabbix SIA Zabbix Sia. The system supports network monitoring, server monitoring, cloud monitoring, and application monitoring, etc. A security vulnerability exists in Zabbix Frontend, which stems from the fact that wi...

9.8CVSS3AI score0.95683EPSS
Exploits9References1
seebug.org
seebug.org
added 2010/04/02 12:0 a.m.35 views

ZABBIX<= 1.8.1 DBcondition函数SQL注入漏洞

BUGTRAQ ID: 39148 CVE ID: CVE-2010-0686 zabbix是一个CS结构的分布式网络监控系统。 Zabbix API使用了include/db.inc.php中定义的DBcondition函数来执行SQL查询中WHERE子句的条件。该函数没有对用户提供数据提供额外的检查: function DBcondition$fieldname, &$array, $notin=false, $string=false global $DB; $condition = ''; ---cut--- $in = $notin?' NOT IN ':' IN ';...

7.5CVSS6.4AI score0.02177EPSS
Exploits2
seebug.org
seebug.org
added 2009/03/05 12:0 a.m.31 views

ZABBIX PHP前端多个输入验证漏洞

BUGTRAQ ID: 33965 zabbix是一个CS结构的分布式网络监控系统。 ZABBIX的PHP前端存在多个输入验证错误,远程攻击者可以通过提交恶意请求执行跨站请求伪造攻击、读取敏感信息或完全入侵有漏洞的系统。 1 include/validate.inc.php中没有正确的过滤对calcexp2函数所提交的extlang参数,这可能导致注入并执行任意PHP代码。 2 由于没有检查用户提交请求的有效性,远程攻击者可以通过提交HTTP执行非授权操作。 3...

6.9AI score
Exploits0
Rows per page
Query Builder