CVE-2010-5049

CVE Descriptions

SQL injection vulnerability in events.php in Zabbix 1.8.1 and earlier allows remote attackers to execute arbitrary SQL commands via the nav_time parameter.

CVE Informations

Related Weaknesses

CWE-ID	Weakness Name	Source
CWE-89	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Metrics

Metrics	Score	Severity	CVSS Vector	Source
V2	7.5		AV:N/AC:L/Au:N/C:P/I:P/A:P	nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

Date	EPSS V0	EPSS V1	EPSS V2 (> 2022-02-04)	EPSS V3 (> 2025-03-07)	EPSS V4 (> 2025-03-17)
2022-02-06	–	–	1.21%	–	–
2022-03-27	–	–	1.21%	–	–
2022-04-03	–	–	1.21%	–	–
2022-05-08	–	–	1.21%	–	–
2022-08-28	–	–	1.21%	–	–
2023-02-26	–	–	1.21%	–	–
2023-03-12	–	–	–	0.3%	–
2023-08-13	–	–	–	0.3%	–
2023-10-22	–	–	–	0.26%	–
2023-12-17	–	–	–	0.23%	–
2024-02-11	–	–	–	0.23%	–
2024-03-31	–	–	–	0.23%	–
2024-06-02	–	–	–	0.23%	–
2024-07-14	–	–	–	0.23%	–
2024-08-04	–	–	–	0.23%	–
2024-08-11	–	–	–	0.23%	–
2024-09-22	–	–	–	0.23%	–
2024-10-27	–	–	–	0.23%	–
2024-12-22	–	–	–	0.24%	–
2025-01-19	–	–	–	0.24%	–
2025-03-18	–	–	–	–	0.46%
2025-03-30	–	–	–	–	0.49%
2025-04-15	–	–	–	–	0.49%
2025-04-15	–	–	–	–	0.49,%

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

EPSS First.org

Date	Percentile
2022-02-06	41%
2022-03-27	42%
2022-04-03	64%
2022-05-08	65%
2022-08-28	66%
2023-02-26	67%
2023-03-12	65%
2023-08-13	66%
2023-10-22	63%
2023-12-17	61%
2024-02-11	6%
2024-03-31	61%
2024-06-02	61%
2024-07-14	62%
2024-08-04	61%
2024-08-11	62%
2024-09-22	61%
2024-10-27	62%
2024-12-22	64%
2025-01-19	64%
2025-03-18	62%
2025-03-30	63%
2025-04-15	64%
2025-04-15	64%

Products Mentioned

Configuraton 0

Zabbix>>Zabbix >> Version To (including) 1.8.1

Zabbix>>Zabbix >> Version 1.0 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1.0.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1.2 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1.3 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1.4 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1.5 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1.6 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1.7 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.3 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.3 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.3.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.3.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.3.2 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.3.2 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.3.3 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.3.3 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.3.4 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.3.4 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.3.5 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.3.5 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.3.6 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.3.6 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.3.7 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.3.7 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.3.8 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.3.8 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.4 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.4.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.4.2 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.4.3 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.4.4 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.4.5 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.4.6 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.4.7 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.5 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.5 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.5.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.5.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.5.2 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.5.2 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.5.3 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.5.3 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.5.4 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.5.4 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.6 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.6.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.6.2 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.6.3 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.6.4 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.6.5 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.6.6 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.6.7 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.6.8 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.6.9 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.7 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.7.0 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.7.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.7.2 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.7.3 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.7.4 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.8 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.8.1 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.1

Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)
Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.1

Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.1

Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.1

Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.1

Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.1

Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.1

Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.1

Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.1

Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.1

Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.1

Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.1

Zabbix>>Zabbix >> Version 1.1 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.1.1

Zabbix>>Zabbix >> Version 1.1.1 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.1.2

Zabbix>>Zabbix >> Version 1.1.2 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.1.3

Zabbix>>Zabbix >> Version 1.1.3 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.1.4

Zabbix>>Zabbix >> Version 1.1.4 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.1.5

Zabbix>>Zabbix >> Version 1.1.5 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.1.6

Zabbix>>Zabbix >> Version 1.1.6 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.1.7

Zabbix>>Zabbix >> Version 1.1.7 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.3

Zabbix>>Zabbix >> Version 1.3 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.3.1

Zabbix>>Zabbix >> Version 1.3.1 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.3.2

Zabbix>>Zabbix >> Version 1.3.2 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.3.3

Zabbix>>Zabbix >> Version 1.3.3 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.3.4

Zabbix>>Zabbix >> Version 1.3.4 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.3.5

Zabbix>>Zabbix >> Version 1.3.5 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.3.6

Zabbix>>Zabbix >> Version 1.3.6 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.3.7

Zabbix>>Zabbix >> Version 1.3.7 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.3.8

Zabbix>>Zabbix >> Version 1.3.8 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.4.2

Zabbix>>Zabbix >> Version 1.4.2 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.4.3

Zabbix>>Zabbix >> Version 1.4.3 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.4.4

Zabbix>>Zabbix >> Version 1.4.4 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.4.5

Zabbix>>Zabbix >> Version 1.4.5 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.4.6

Zabbix>>Zabbix >> Version 1.4.6 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.5

Zabbix>>Zabbix >> Version 1.5 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.5.1

Zabbix>>Zabbix >> Version 1.5.1 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.5.2

Zabbix>>Zabbix >> Version 1.5.2 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.5.3

Zabbix>>Zabbix >> Version 1.5.3 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.5.4

Zabbix>>Zabbix >> Version 1.5.4 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.6

Zabbix>>Zabbix >> Version 1.6 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.6.1

Zabbix>>Zabbix >> Version 1.6.1 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.6.2

Zabbix>>Zabbix >> Version 1.6.2 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.6.3

Zabbix>>Zabbix >> Version 1.6.3 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.6.4

Zabbix>>Zabbix >> Version 1.6.4 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.6.5

Zabbix>>Zabbix >> Version 1.6.5 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.6.6

Zabbix>>Zabbix >> Version 1.6.6 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.6.7

Zabbix>>Zabbix >> Version 1.6.7 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.6.8

Zabbix>>Zabbix >> Version 1.6.8 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.6.9

Zabbix>>Zabbix >> Version 1.6.9 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.7

Zabbix>>Zabbix >> Version 1.7 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.7.1

Zabbix>>Zabbix >> Version 1.7.1 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.7.2

Zabbix>>Zabbix >> Version 1.7.2 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.7.3

Zabbix>>Zabbix >> Version 1.7.3 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.7.4

Zabbix>>Zabbix >> Version 1.7.4 (Open CPE detail)

Zabbix>>Zabbix >> Version 1.8

Zabbix>>Zabbix >> Version 1.8 (Open CPE detail)

References

http://www.securityfocus.com/archive/1/511454/100/0/threaded
Tags : mailing-list, x_refsource_BUGTRAQ

http://www.vupen.com/english/advisories/2010/1240
Tags : vdb-entry, x_refsource_VUPEN

http://www.securityfocus.com/bid/39752
Tags : vdb-entry, x_refsource_BID

http://secunia.com/advisories/39119
Tags : third-party-advisory, x_refsource_SECUNIA

http://packetstormsecurity.org/1004-exploits/zabbix181-sql.txt
Tags : x_refsource_MISC

CVE-2010-5049 : Detail

CVE-2010-5049

CVE Descriptions

CVE Informations

Related Weaknesses

Metrics

EPSS

EPSS Score

EPSS Percentile

Products Mentioned

Configuraton 0

References