cve/CVE-2024-22120.md at ba290685fe22de220a539dbecbe46bd650f1a0d5

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-06-19 17:30:12 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

Zabbix server can perform command execution for configured scripts. After command is executed, audit entry is added to "Audit Log". Due to "clientip" field is not sanitized, it is possible to injection SQL into "clientip" and exploit time based blind SQL injection.

POC

Reference

https://support.zabbix.com/browse/ZBX-24505
https://support.zabbix.com/browse/ZBX-24505

Github

https://github.com/GhostTroops/TOP
https://github.com/Threekiii/CVE
https://github.com/W01fh4cker/CVE-2024-22120-RCE
https://github.com/ZonghaoLi777/githubTrending
https://github.com/aneasystone/github-trending
https://github.com/fireinrain/github-trending
https://github.com/johe123qwe/github-trending
https://github.com/nomi-sec/PoC-in-GitHub
https://github.com/sampsonv/github-trending
https://github.com/tanjiti/sec_profile
https://github.com/wjlin0/poc-doc
https://github.com/wy876/POC
https://github.com/wy876/wiki
https://github.com/zhaoxiaoha/github-trending

1.3 KiB Raw Blame History

CVE-2024-22120

Description

POC

Reference

Github

1.3 KiB

Raw Blame History