Lucene search
K

46 matches found

osv
osv
added 2010/08/23 10:0 p.m.7 views

CVE-2010-2543

Cross-site scripting XSS vulnerability in include/topgraphheader.php in Cacti before 0.8.7g allows remote attackers to inject arbitrary web script or HTML via the graphstart parameter to graph.php. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-4032.2.b...

5.4AI score
Exploits0References7
osv
osv
added 2010/05/04 4:0 p.m.7 views

CVE-2010-1431

SQL injection vulnerability in templatesexport.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the exportitemid parameter...

8.1AI score
Exploits0References15
osv
osv
added 2009/11/30 9:30 p.m.8 views

CVE-2009-4112

Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands...

7AI score
Exploits0References10
osv
osv
added 2007/06/07 9:30 p.m.7 views

CVE-2007-3112

graphimage.php in Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service CPU consumption via a large value of the 1 graphstart or 2 graphend parameter, different vectors than CVE-2007-3113...

6.1AI score
Exploits0References12
osv
osv
added 2004/12/31 5:0 a.m.9 views

CVE-2004-1736

Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to 1 auth.php, 2 authlogin.php, 3 authchangepassword.php, and possibly other php files, which reveal the installation path in a PHP error message...

6.9AI score
Exploits0References4
osv
osv
added 2004/08/16 4:0 a.m.2 views

DEBIAN-CVE-2004-1737

SQL injection vulnerability in authlogin.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the 1 username or 2 password parameters...

7.5CVSS8.8AI score0.02827EPSS
Exploits1References1
Rows per page
Query Builder