8.8CVSS
8.8AI Score
0.943EPSS
A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequate sanitization of request strings in CGI scripts, which could let a remote malicious user execute arbitrary code.
9.8CVSS
9.5AI Score
0.012EPSS
Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code.
9.8CVSS
9.6AI Score
0.029EPSS
Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.
6.1CVSS
5.9AI Score
0.079EPSS