Description

Zabbix 2.0.8 is vulnerable to an SQL injection vulnerability, which may allow an attacker to execute malicious SQL statements that control a web application's database server.

Remediation

Upgrade to the latest version of Zabbix.

References

SEC Consult Vulnerability Lab Security Advisory 20131004-0

SQL injection vulnerabilities in the API and frontend

CVE-2013-5743

Related Vulnerabilities

WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease SQL Injection (4.1.4)

WordPress Plugin WordPress Page Contact SQL Injection (1.0)

WordPress Plugin WassUp Real Time Analytics 'spy.php' SQL Injection (1.4.3)

WordPress Plugin Entries For WPForms SQL Injection (1.4.0)

WordPress Plugin WP-PostRatings '[ratings]' Shortcode SQL Injection (1.61)

Severity

High

Classification

CVE-2013-5743 CWE-89 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

SQL Injection