CVE-2013-5743

CRITICAL

Zabbix < 1.8.17 - SQL Injection

Title source: rule

Description

Multiple SQL injection vulnerabilities in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.9rc1, and 2.1.x before 2.1.7.

Exploits (2)

exploitdb WORKING POC
by Jason Kratzer · rubywebappsunix
https://www.exploit-db.com/exploits/28972
metasploit WORKING POC EXCELLENT
rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/zabbix_sqli.rb

References (4)

Scores

CVSS v3 9.8
EPSS 0.7779
EPSS Percentile 99.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-89
Status published
Products (1)
zabbix/zabbix 1.8 - 1.8.17
Published Dec 11, 2019
Tracked Since Feb 18, 2026