The document describes a SQL injection vulnerability in Zabbix 2.2.x and 3.0.x, where the toggle_ids array in latest.php is not properly sanitized. An authenticated attacker (or guest user) can exploit this to gain full database access, potentially leading to privilege escalation or command execution on the underlying system.
Classification: Writeup 90%
Target: Zabbix 2.2.x, 3.0.x
No auth needed
Prerequisites: Access to the latest.php page, either as an authenticated user or via guest mode