This Metasploit module exploits an unauthenticated SQL injection vulnerability affecting Zabbix versions 2.0.8 and lower. The SQL injection issue can be abused in order to retrieve an active session ID. If an administrator level user is identified, remote code execution can be gained by uploading and executing remote scripts via the 'scripts_exec.php' file.
43e33eef7564de8ef7460b90f5eacf0b5e096e9067163c4790e0950c800b1b87
Zabbix versions 2.0.8 and below suffer from a remote SQL injection vulnerability.
b2dde0d085a8d1f2111b9eea03d6c543e39033d9b878ba6a51f744598318cb60