cve/CVE-2019-17382.md at 7482ec4521a75dd13882dc1283f17009c936e974

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any Username/Password (i.e., anonymously). All created elements (Dashboard/Report/Screen/Map) are accessible by other users and by an admin.

POC

Reference

https://www.exploit-db.com/exploits/47467
https://www.exploit-db.com/exploits/47467

Github

https://github.com/20142995/sectool
https://github.com/ARPSyndicate/cvemon
https://github.com/ARPSyndicate/kenzer-templates
https://github.com/Elsfa7-110/kenzer-templates
https://github.com/K3ysTr0K3R/CVE-2019-17382-EXPLOIT
https://github.com/K3ysTr0K3R/K3ysTr0K3R
https://github.com/StarCrossPortal/scalpel
https://github.com/anonymous364872/Rapier_Tool
https://github.com/apif-review/APIF_tool_2024
https://github.com/d4n-sec/d4n-sec.github.io
https://github.com/huimzjty/vulwiki
https://github.com/merlinepedra/nuclei-templates
https://github.com/merlinepedra25/nuclei-templates
https://github.com/sobinge/nuclei-templates
https://github.com/youcans896768/APIV_Tool

1.5 KiB Raw Blame History

CVE-2019-17382

Description

POC

Reference

Github

1.5 KiB

Raw Blame History