7 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-39900
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Reflected XSS via tab parameter in the...
CVE-2026-39900 Cacti: Reflected XSS via tab parameter in auth_profile.php JavaScript context
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Reflected XSS via tab parameter in the authprofile.php JavaScript context. This issue has been fixed in version 1.2.31...
Cacti Cross-Site Request Forgery Vulnerability (CNVD-2021-37698)
Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool through snmpget to get the data , using RRDtool drawing graphs to analyze , and provide data and user management features . A cross-site request forgery vulnerability exists in...
FreeBSD : Cacti -- XSS (XSS) vulnerability in auth_profile.php (f86d0e5d-7467-11e7-93af-005056925db4)
kimiizhang reports : Cross-site scripting XSS vulnerability in authprofile.php in Cacti 1.1.13 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
UBUNTU-CVE-2017-11691
Cross-site scripting XSS vulnerability in authprofile.php in Cacti 1.1.13 allows remote attackers to inject arbitrary web script or HTML via specially crafted HTTP Referer headers...
Cross site scripting
Cross-site scripting XSS vulnerability in authprofile.php in Cacti 1.1.13 allows remote attackers to inject arbitrary web script or HTML via specially crafted HTTP Referer headers...
Cacti -- Cross-site scripting (XSS) vulnerability in auth_profile.php
kimiizhang reports: Cross-site scripting XSS vulnerability in authprofile.php in Cacti 1.1.13 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers...