cacti -- SQL injection vulnerabilities

2015-12-05T00:00:00
ID BB961FF3-B3A4-11E5-8255-5453ED2E2B49
Type freebsd
Reporter FreeBSD
Modified 2015-12-05T00:00:00

Description

NVD reports:

SQL injection vulnerability in include/top_graph_header.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rra_id parameter in a properties action to graph.php.