漏洞描述
Zabbix Audit Log中存在SQL注入漏洞,该漏洞是由于应用程序对'clientip'参数数据验证不足导致的。
Zabbix Audit Log CVE-2024-22120 SQL注入漏洞
PoC代码
暂无相关漏洞推荐
- 易达科技-ECMS getlistProjAuditDataQGC.do SQL注入漏洞
- 易达科技-ECMS /procedure/getlistProjAuditDataQGC.do SQL 注入漏洞
- 用友U8 渠道管理(高级版) /NCSaleOut2CRMAuditServlet SQL 注入漏洞
- POC 易达科技-ECMS getlistProjAuditDataQGC 存在SQL注入漏洞
- Zabbix /api_jsonrpc.php SQL 注入漏洞(CVE-2024-36465)
- esafenet-cdgserver3-fileauditservice-rce: 亿赛通电子文档系统 FileAuditService RCE
- POC CVE-2024-22120: Zabbix Server - Time-Based Blind SQL injection
- POC CVE-2016-10134: Zabbix - SQL Injection
- POC CVE-2018-8719: WordPress WP Security Audit Log 3.1.1 - Information Disclosure
- POC CVE-2019-17382: Zabbix <=4.4 - Authentication Bypass
- POC CVE-2020-2140: Jenkin Audit Trail <=3.2 - Cross-Site Scripting
- POC CVE-2022-23131: Zabbix - SAML SSO Authentication Bypass
- POC CVE-2022-23134: Zabbix Setup Configuration Authentication Bypass