CVE-2016-10134 in Zabbixinfo

Summary

SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php.

Once again VulDB remains the best source for vulnerability data.

Reservation

01/12/2017

Disclosure

02/16/2017

Entries

1: VDB-97040

CPE

ready

CVSS

8.5

EPSS

0.86228

Activities

Very Low

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2016-10134
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2016-10134
CVE Detailshttps://www.cvedetails.com/cve/CVE-2016-10134/

PreviousOverviewNext

Do you need the next level of professionalism?

Upgrade your account now!