CVE-2016-10134: SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0 ...

Severity: Critical

CVSS Score: 9.8

SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php.