Unrated severityNVD Advisory· Published Jan 2, 2015· Updated Jun 17, 2026
CVE-2014-9450
CVE-2014-9450
Description
Multiple SQL injection vulnerabilities in chart_bar.php in the frontend in Zabbix before 1.8.22, 2.0.x before 2.0.14, and 2.2.x before 2.2.8 allow remote attackers to execute arbitrary SQL commands via the (1) itemid or (2) periods parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
58cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*+ 57 more
- cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*range: <=1.8.21
- cpe:2.3:a:zabbix:zabbix:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.10:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.11:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.11:rc2:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.12:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.12:rc2:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.12:rc3:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.13:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.1:rc2:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.2:rc2:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.3:rc2:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.4:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.5:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.6:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.7:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.8:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.8:rc2:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.9:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.0.9:rc2:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.2:rc2:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.2:rc3:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.3:rc2:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.4:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.4:rc2:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.4:rc3:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.4:rc4:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.5:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.6:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.7:rc1:*:*:*:*:*:*
- cpe:2.3:a:zabbix:zabbix:2.2.7:rc2:*:*:*:*:*:*
- (no CPE)range: <1.8.22 || >=2.0.0 <2.0.14 || >=2.2.0 <2.2.8
Patches
Vulnerability mechanics
References
5- www.zabbix.com/rn1.8.22.phpnvdVendor Advisory
- www.zabbix.com/rn2.0.14.phpnvdVendor Advisory
- www.zabbix.com/rn2.2.8.phpnvdVendor Advisory
- support.zabbix.com/browse/ZBX-8582nvdVendor Advisory
- secunia.com/advisories/61554nvd
News mentions
0No linked articles in our index yet.