Fedora 20 : cacti-0.8.8b-5.fc20 (2014-4892)
Patches for four CVEs. This update fixes SQL injection, shell escaping issues, a stored XSS attack, and use of exec-like function calls without safety checks allowing arbitrary command execution. Note that Tenable Network Security has extracted the preceding description block directly from the...
Fedora 19 : cacti-0.8.8b-5.fc19 (2014-4928)
Patches for four CVEs. This update fixes SQL injection, shell escaping issues, a stored XSS attack, and use of exec-like function calls without safety checks allowing arbitrary command execution. Note that Tenable Network Security has extracted the preceding description block directly from the...
FreeBSD : cacti -- multiple vulnerabilities (e02e6a4e-6b26-11df-96b2-0015587e2cc1)
Multiple vulnerabilities have been reported to exist in older versions of Cacti. The release notes of Cacti 0.8.7f summarize the problems as follows: SQL injection and shell escaping issues; cross-site scripting issues; Cacti Graph Viewer SQL injection vulnerability...
cacti -- multiple vulnerabilities
Multiple vulnerabilities have been reported to exist in older versions of Cacti. The release notes of Cacti 0.8.7f summarize the problems as follows: SQL injection and shell escaping issues; cross-site scripting issues; Cacti Graph Viewer SQL injection vulnerability...
CVE-2008-3074
The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a tar archive and possibly (2) the filename of the first file in a tar archive, which is not properly...
ibsh Iron Bars SHell Format String Vulnerability format string bug
Format string bug allows restricted shell escaping...
Bugzilla multiple bugs
SQL injection, shell escaping problems, information leakage...