Vulnerabilities > Zabbix

DATE	CVE	VULNERABILITY TITLE	RISK
2017-02-17	CVE-2016-10134	SQL Injection vulnerability in Zabbix SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php. network low complexity zabbix CWE-89 critical	9.8
2017-01-23	CVE-2016-4338	SQL Injection vulnerability in Zabbix The mysql user parameter configuration script (userparameter_mysql.conf) in the agent in Zabbix before 2.0.18, 2.2.x before 2.2.13, and 3.0.x before 3.0.3, when used with a shell other than bash, allows context-dependent attackers to execute arbitrary code or SQL commands via the mysql.size parameter. network high complexity zabbix CWE-89	8.1

Vulnerabilities > Zabbix {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Zabbix"}]}