Multiple SQL injection vulnerabilities in chart_bar.php in the frontend in Zabbix prior to 1.8.22, 2.0.x prior to 2.0.14, and 2.2.x prior to 2.2.8 allow remote malicious users to execute arbitrary SQL commands via the (1) itemid or (2) periods parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zabbix zabbix 2.0.4 |
||
zabbix zabbix 2.0.5 |
||
zabbix zabbix 2.0.2 |
||
zabbix zabbix 2.0.3 |
||
zabbix zabbix 2.0.6 |
||
zabbix zabbix 2.0.8 |
||
zabbix zabbix 2.0.11 |
||
zabbix zabbix 2.0.10 |
||
zabbix zabbix 2.0.9 |
||
zabbix zabbix 2.0.13 |
||
zabbix zabbix 2.2.0 |
||
zabbix zabbix 2.2.2 |
||
zabbix zabbix 2.2.3 |
||
zabbix zabbix 2.2.4 |
||
zabbix zabbix 2.0.1 |
||
zabbix zabbix 2.2.1 |
||
zabbix zabbix 2.2.6 |
||
zabbix zabbix 2.2.7 |
||
zabbix zabbix |
||
zabbix zabbix 2.0.7 |
||
zabbix zabbix 2.2.5 |
||
zabbix zabbix 2.0.12 |