Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2008-0785
HistoryFeb 14, 2008 - 11:00 p.m.

CVE-2008-0785

2008-02-1423:00:00
CWE-89
[email protected]
web.nvd.nist.gov
29
cve
2008
0785
sql injection
cacti
remote authentication
nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.4%

JSON

Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the (1) graph_list parameter to graph_view.php, (2) leaf_id and id parameters to tree.php, (3) local_graph_id parameter to graph_xport.php, and (4) login_username parameter to index.php/login.

Affected configurations

NVD
Node
cacticactiMatch0.6.7
OR
cacticactiMatch0.8
OR
cacticactiMatch0.8.1
OR
cacticactiMatch0.8.2
OR
cacticactiMatch0.8.2a
OR
cacticactiMatch0.8.3
OR
cacticactiMatch0.8.3a
OR
cacticactiMatch0.8.4
OR
cacticactiMatch0.8.5
OR
cacticactiMatch0.8.5a
OR
cacticactiMatch0.8.6c
OR
cacticactiMatch0.8.6f
OR
cacticactiMatch0.8.6i
OR
cacticactiMatch0.8.6j
OR
cacticactiMatch0.8.7
OR
cacticactiMatch0.8.7a

References

Related

nvd 1
ubuntucve 1
debiancve 1
nessus 5
prion 1
cvelist 1
openvas 10
debian 3
gentoo 1
securityvulns 4
redhatcve 1
nvd
nvd
CVE-2008-0785
2008-02-14 23:00:00
ubuntucve
ubuntucve
CVE-2008-0785
2008-02-14 00:00:00
debiancve
debiancve
CVE-2008-0785
2008-02-14 23:00:00
nessus
nessus
Cacti index.php/sql.php Login Action login_username Parameter SQL Injection
2008-02-13 00:00:00
Debian DSA-1569-2 : cacti - insufficient input sanitising
2008-05-09 00:00:00
Fedora 7 : cacti-0.8.7b-1.fc7 (2008-1737)
2008-02-18 00:00:00
prion
prion
Sql injection
2008-02-14 23:00:00
cvelist
cvelist
CVE-2008-0785
2008-02-14 22:00:00
openvas
openvas
Debian: Security Advisory (DSA-1569-1)
2008-08-15 00:00:00
Debian Security Advisory DSA 1569-1 (cacti)
2008-05-12 00:00:00
Debian Security Advisory DSA 1569-3 (cacti)
2008-08-15 00:00:00
debian
debian
[SECURITY] [DSA 1569-2] New cacti packages fix regression
2008-05-06 11:12:10
[SECURITY] [DSA 1569-3] New cacti packages fix regression
2008-07-15 19:05:33
[SECURITY] [DSA 1569-1] New cacti packages fix multiple vulnerabilities
2008-05-05 15:58:54
gentoo
gentoo
Cacti: Multiple vulnerabilities
2008-03-10 00:00:00
securityvulns
securityvulns
[ GLSA 200803-18 ] Cacti: Multiple vulnerabilities
2008-03-11 00:00:00
[ MDVSA-2008:052 ] - Updated cacti packages fix multiple vulnerabilities
2008-02-29 00:00:00
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2008-02-29 00:00:00
redhatcve
redhatcve
CVE-2008-0785
2019-10-04 21:48:39

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.4%

JSON
Related for CVE-2008-0785
nvd1ubuntucve1debiancve1nessus5prion1cvelist1openvas10debian3gentoo1securityvulns4redhatcve1