|Category:||Web application abuses|
|Title:||ZABBIX 'locales.php' 'extlang' Parameter Remote Code Execution|
|Summary:||Determine if it is possible to execute a command|
ZABBIX is prone to a Remote Code Execution.
Input passed to the 'extlang' parameter in 'locales.php' is not properly
sanitised before being used to process data. This can be exploited to execute
arbitrary commands via specially crafted requests.
ZABBIX 1.6.2 and possibly earlier versions are vulnerable.
Updates are available. Please see the references for more information.
|Copyright||This script is Copyright (C) 2012 Greenbone Networks GmbH|
|This is only one of 54385 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.