{"uuid": "449247be-4582-454b-a637-2f8db6da1cd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22120", "type": "published-proof-of-concept", "source": "https://t.me/cybersecs/2842", "content": "https://www.zabbix.com/security_advisories\n\n[ Time Based SQL Injection in Zabbix Server Audit Log ]\n\nCVE-2024-22120\n\n\u26d4\ufe0f CRITICAL \u26d4\ufe0f\n\nThis vulnerability could lead to privilege escalation from user to admin. In some cases, SQL injection leads to RCE.\n\nAffected version/s:\n6.0.0-6.0.27\n6.4.0-6.4.12\n7.0.0alpha1-7.0.0beta1\n\nPoC: https://support.zabbix.com/secure/attachment/236280/236280_zabbix_server_time_based_blind_sqli.py", "creation_timestamp": "2024-05-21T15:56:08.000000Z"}