SQL injection vulnerability in the user.authenticate method in the API in Zabbix 1.8 prior to 1.8.2 allows remote malicious users to execute arbitrary SQL commands via the user parameter in JSON data to api_jsonrpc.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zabbix zabbix 1.8 |
||
zabbix zabbix 1.8.1 |