Lucene search

K
nessusTenable8004.PRM
HistorySep 05, 2013 - 12:00 a.m.

Cacti < 0.8.8b Command and SQL Injections

2013-09-0500:00:00
Tenable
www.tenable.com
16

Cacti is a network graphing solution designed to use the power of RRDTool’s data storage and graphing functionality. According to its self-reported version number, the version of Cacti hosted on the remote web server is affected by command injection and SQL injection vulnerabilities because the application fails to properly sanitize user-supplied input.

An attacker may be able to leverage these issues to execute arbitrary code as well as access or modify the underlying database for the application

Binary data 8004.prm
VendorProductVersionCPE
cacticacticpe:/a:cacti:cacti