Download
| Alert*
oval:org.secpod.oval:def:602798
An SQL injection vulnerability has been discovered in the "Latest data" page of the web frontend of the Zabbix network monitoring system oval:org.secpod.oval:def:600877 It was discovered that Zabbix, a network monitoring solution, does not properly validate user input used as a part of an SQL query. This may allow unauthenticated attackers to execute arbitrary SQL commands and possibly escalate privileges. oval:org.secpod.oval:def:39192 zabbix-frontend-php is installed oval:org.secpod.oval:def:601618 zabbix-frontend-php is installed oval:org.secpod.oval:def:603040 Lilith Wyatt discovered two vulnerabilities in the Zabbix network monitoring system which may result in execution of arbitrary code or database writes by malicious proxies. oval:org.secpod.oval:def:708901 zabbix: Open-source monitoring software tool for diverse IT components Zabbix could allow reflected cross-site scripting attacks. |