No title provided

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.7e allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 graph.php, 2 include/topgraphheader.php, 3 lib/htmlform.php, and 4 lib/timespansettings.php, as demonstrated by the a graphend or b graphstart...

DSA-2060-1 cacti - SQL injection

Bulletin has no description...

Sql injection

SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via a crafted rraid parameter in a GET request in conjunction with a valid rraid value in a POST request or a cookie, which causes the POST or cookie value to bypass the...

CVE-2010-1431

SQL injection vulnerability in templatesexport.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the exportitemid parameter...

Sql injection

SQL injection vulnerability in templatesexport.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the exportitemid parameter...

CVE-2010-1431

The CVE-2010-1431 entry affects Cacti up to version 0.8.7e, where templates_export.php is vulnerable to SQL injection via the export_item_id parameter. This allows remote attackers to execute arbitrary SQL commands against the database. Multiple advisories confirm the issue and patches exist (e.g...

Cacti 0.8.7e - SQL Injection

Cacti 0.8.7e - SQL Injection CVSSv2 Score: 9 AV:N/AC:L/Au:S/C:C/I:C/A:C A Vulnerability has been discovered in Cacti, which can be exploited by any user to conduct SQL Injection attacks. Input passed via the “exportitemid” parameter to “templatesexport.php” script is not properly sanitized before...

Fedora 11 : cacti-0.8.7e-3.fc11 (2009-12575)

This fix contains several official patches from cacti: Command Line Add Graphs Syntax SNMP Invalid Responses Template Import/Export Duplication Cross-Site Scripting Fixes http://www.cacti.net/downloadpatches.php Note that Tenable Network Security has extracted the preceding description block...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.7e allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 graph.php, 2 include/topgraphheader.php, 3 lib/htmlform.php, and 4 lib/timespansettings.php, as demonstrated by the a graphend or b graphstart...

CVE-2009-4032

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.7e allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 graph.php, 2 include/topgraphheader.php, 3 lib/htmlform.php, and 4 lib/timespansettings.php, as demonstrated by the a graphend or b graphstart...

Cacti Multiple HTML Injection Vulnerabilities

Cacti is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C b...