EUVD-2013-5428

Malware in sbrugna...

EUVD-2017-1359

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-1000031

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection vulnerability in graphtemplatesinputs.php in Cacti 0.8.8b allows remote attackers to execute arbitrary SQL commands via the graphtemplateinputid a...

SUSE CVE-2013-1435

1 snmp.php and 2 rrd.php in Cacti before 0.8.8b allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors...

SUSE CVE-2014-5026

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a 1 Graph Tree Title in a delete or 2 edit action; 3 CDEF Name, 4 Data Input Method Name, or 5 Host Templates Name in a delete action; ...

[SECURITY] [DLA 2069-1] cacti security update

Package : cacti Version : 0.8.8b+dfsg-8+deb8u9 CVE ID : CVE-2020-7106 It was discovered that there were a number of cross-site scripting vulnerabilities in cacti, a web interface for monitoring systems. For Debian 8 "Jessie", this issue has been fixed in cacti version 0.8.8b+dfsg-8+deb8u9. We...

Cacti graph_templates_inputs.php file SQL injection vulnerability

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool through snmpget to get the data , using RRDtool drawing graphs to analyze , and provide data and user management features . An SQL injection vulnerability exists in the graphtemplatesinputs.p...

Cacti cross-site scripting vulnerability (CNVD-2017-18620)

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool through snmpget to get the data , using RRDtool drawing graphs to analyze , and provide data and user management features . A cross-site scripting vulnerability exists in Cacti version 0.8.8b...

CVE-2017-1000032

Cross-Site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the parentid parameter to tree.php and drpaction parameter to datasources.php...

CVE-2017-1000031

SQL injection vulnerability in graphtemplatesinputs.php in Cacti 0.8.8b allows remote attackers to execute arbitrary SQL commands via the graphtemplateinputid and graphtemplateid parameters...

UBUNTU-CVE-2017-1000031

SQL injection vulnerability in graphtemplatesinputs.php in Cacti 0.8.8b allows remote attackers to execute arbitrary SQL commands via the graphtemplateinputid and graphtemplateid parameters...

Cross site scripting

Cross-Site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the parentid parameter to tree.php and drpaction parameter to datasources.php...

CVE-2017-1000032

Cross-Site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the parentid parameter to tree.php and drpaction parameter to datasources.php...

CVE-2017-1000032

Cross-Site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the parentid parameter to tree.php and drpaction parameter to datasources.php...

CVE-2017-1000032

CVE-2017-1000032 : XSS in Cacti 0.8.8b allows remote attackers to inject arbitrary web script or HTML via the parent_id parameter to tree.php and the drp_action parameter to data_sources.php. The connected notices (SU̲SE, NVD, CNVD, OSV, etc.) consistently describe the vulnerability in Cacti 0.8.8...

CVE-2017-1000031

CVE-2017-1000031 involves a SQL injection in the Cacti project (version 0.8.8b) where the vulnerability is located in the graph_templates_inputs.php mechanism. An attacker can leverage the parameters graph_template_input_id and graph_template_id to execute arbitrary SQL commands remotely. The con...

Debian: Security Advisory (DSA-3423-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

JVN#55076671: Cacti vulnerable to cross-site request forgery

Cacti is a web application that graphs stored data collected from network devices. Cacti contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Update the software Update to the latest...

CVE-2014-5026

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a 1 Graph Tree Title in a delete or 2 edit action; 3 CDEF Name, 4 Data Input Method Name, or 5 Host Templates Name in a delete action; ...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a 1 Graph Tree Title in a delete or 2 edit action; 3 CDEF Name, 4 Data Input Method Name, or 5 Host Templates Name in a delete action; ...