Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-2257

Zabbix <= 1.8.1 SQL Injection

XMLWordPrintable

    • Icon: Incident report Incident report
    • Resolution: Fixed
    • Icon: Major Major
    • 1.8.2
    • 1.8, 1.8.1
    • API (A)
    • None
    • n/a

      Zabbix API in versions up to 1.8.1 is vulnerable to an SQL Injection attack
      which can be exploited without any authentication.

      For more details please check my advisory at http://legalhackers.com/advisories/zabbix181api-sql.txt

      Issue discovered by:
      Dawid Golunski (legalhackers.com)

            Unassigned Unassigned
            dawid_golunski Dawid Golunski (legalhackers.com)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved: