7 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-39359
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows...
PT-2023-4991 · Cacti +1 · Cacti +1
Name of the Vulnerable Software and Affected Versions: Cacti versions prior to 1.2.25 Description: An authenticated SQL injection issue was discovered in Cacti, an open source operational monitoring and fault management framework. This issue allows authenticated users to perform privilege...
UBUNTU-CVE-2022-41444
Cross Site Scripting (XSS) vulnerability in Cacti 1.2.21 via crafted POST request to graphs_new.php...
DEBIAN-CVE-2020-23226
Multiple Cross Site Scripting (XSS) vulnerabilities exist in Cacti 1.2.12 in (1) reports_admin.php, (2) data_queries.php, (3) data_input.php, (4) graph_templates.php, (5) graphs.php, (6) reports_admin.php, and (7) data_input.php...
UBUNTU-CVE-2020-7106
Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php a raw string from the database that is displayed by $header to trigger t...
PT-2020-19374 · Cacti +2 · Cacti +2
Name of the Vulnerable Software and Affected Versions: Cacti version 1.2.8 Description: The issue concerns stored XSS in several PHP files, including data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php. This is...
DEBIAN-CVE-2007-0510
Multiple buffer overflows in (1) graphs.c, (2) output.c, and (3) preserve.c in AWFFull 3.7.1 and earlier have unknown impact and attack vectors. NOTE: some of these details are obtained from third party information. NOTE: There may not be any attack vector that crosses privilege boundaries...