9 matches found
Cacti <= 0.8.7 'data_input.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34991/info Cacti is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
DSA-2060-1 cacti - SQL injection
Bulletin has no description...
Debian Security Advisory DSA 2039-1 (cacti)
The remote host is missing an update to cacti announced via advisory DSA 2039-1. OpenVAS Vulnerability Test $Id: deb20391.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2039-1 cacti Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...
Cacti 'data_input.php' Cross Site Scripting Vulnerability
Cacti is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the...
Cacti < 0.8.7b 'data_input.php' XSS Vulnerability
Cacti is prone to a cross-site scripting XSS vulnerability because the application fails to sufficiently sanitize user-supplied input. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Cacti 0.8.7 - data_input.php Cross-Site Scripting
Cacti 0.8.7 - datainput.php Cross-Site Scripting source: https://www.securityfocus.com/bid/34991/info Cacti is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...
CVE-2008-0786
CRLF injection vulnerability in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k, when running on older PHP interpreters, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...
CVE-2008-0784
graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allows remote attackers to obtain the full path via an invalid localgraphid parameter and other unspecified vectors...
CVE-2008-0786
CRLF injection vulnerability in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k, when running on older PHP interpreters, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...