EUVD-2003-0133

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2023-39362

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, under certain conditions, an authenticated privileged user, can...

Exploit for OS Command Injection in Cacti

Command injection vulnerability in Cacti CVE-2023-39362 - Po...

OPENSUSE-SU-2023:0275-1 Security update for cacti, cacti-spine

This update for cacti, cacti-spine fixes the following issues: cacti-spine 1.2.25: Spine should see if script to be executed is executable Enhance number recognition When polling devices, sort by larger number of items first Log format may be corrupted when timeout occurs Compile warning appears...

CVE-2023-39362 Authenticated command injection in SNMP options of a Device

Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, under certain conditions, an authenticated privileged user, can use a malicious string in the SNMP options of a Device, performing command injection and obtaining remote code execution on the underlyin...

Cross site scripting

In clearFilter in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string SNMP Options in the View poller cache, leading to XSS...

CVE-2019-11025

In clearFilter in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string SNMP Options in the View poller cache, leading to XSS...