Zabbix Security Vulnerabilities and Issues — Zabbix CVE List

Lucene search

ZabbixZabbix

4 matches found

CVE•added 2011/08/19 9:55 p.m.•60 views

CVE-2011-3265

popup.php in Zabbix before 1.8.7 allows remote attackers to read the contents of arbitrary database tables via a modified srctbl parameter.

5CVSS6.4AI score0.00516EPSS

CVE•added 2011/08/19 9:55 p.m.•50 views

CVE-2011-3263

zabbix_agentd in Zabbix before 1.8.6 and 1.9.x before 1.9.4 allows context-dependent attackers to cause a denial of service (CPU consumption) by executing the vfs.file.cksum command for a special device, as demonstrated by the /dev/urandom device.

5CVSS6.4AI score0.00476EPSS

CVE•added 2011/08/19 9:55 p.m.•48 views

CVE-2011-2904

Cross-site scripting (XSS) vulnerability in acknow.php in Zabbix before 1.8.6 allows remote attackers to inject arbitrary web script or HTML via the backurl parameter.

4.3CVSS5.5AI score0.00713EPSS

CVE•added 2011/08/19 9:55 p.m.•46 views

CVE-2011-3264

Zabbix before 1.8.6 allows remote attackers to obtain sensitive information via an invalid srcfld2 parameter to popup.php, which reveals the installation path in an error message.

5CVSS6.1AI score0.00455EPSS