Download
| Alert*
|
oval:org.secpod.oval:def:602798
An SQL injection vulnerability has been discovered in the "Latest data" page of the web frontend of the Zabbix network monitoring system oval:org.secpod.oval:def:600877 It was discovered that Zabbix, a network monitoring solution, does not properly validate user input used as a part of an SQL query. This may allow unauthenticated attackers to execute arbitrary SQL commands and possibly escalate privileges. oval:org.secpod.oval:def:601620 zabbix-server-pgsql is installed oval:org.secpod.oval:def:39198 zabbix-server-pgsql is installed oval:org.secpod.oval:def:603040 Lilith Wyatt discovered two vulnerabilities in the Zabbix network monitoring system which may result in execution of arbitrary code or database writes by malicious proxies. |
