Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in chart_bar.php in the frontend in Zabbix before 1.8.22, 2.0.x before 2.0.14, and 2.2.x before 2.2.8 allow remote attackers to execute arbitrary SQL commands via the (1) itemid or (2) periods parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zabbix SIA Zabbix frontend程序SQL注入漏洞
Vulnerability Description
Zabbix是拉脱维亚Zabbix SIA公司的一套开源的监控系统。该系统可监视各种网络参数,并提供通知机制让系统管理员快速定位、解决存在的各种问题。 Zabbix SIA Zabbix的frontend程序中的chart_bar.php脚本存在SQL注入漏洞。远程攻击者可借助‘itemid’或‘periods’利用该漏洞执行任意SQL命令。以下版本受到影响:Zabbix 1.8.22之前的版本,2.0.14之前的2.0.x版本,2.2.8之前的2.2.x版本。
CVSS Information
N/A
Vulnerability Type
N/A