6 matches found
Cacti <= 0.8.7 graph_xport.php local_graph_id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/27749/info Cacti is prone to multiple unspecified input-validation vulnerabilities, including: - Multiple cross-site scripting vulnerabilities - Multiple SQL-injection vulnerabilities - An HTTP response-splitting...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to inject arbitrary web script or HTML via 1 the viewtype parameter to graph.php; 2 the filter parameter to graphview.php; 3 the action parameter to the drawnavigationtext...
CVE-2008-0783
Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to inject arbitrary web script or HTML via 1 the viewtype parameter to graph.php; 2 the filter parameter to graphview.php; 3 the action parameter to the drawnavigationtext...
CVE-2008-0786
CRLF injection vulnerability in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k, when running on older PHP interpreters, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...
CVE-2008-0783
Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to inject arbitrary web script or HTML via 1 the viewtype parameter to graph.php; 2 the filter parameter to graphview.php; 3 the action parameter to the drawnavigationtext...
Cacti 0.8.7 - graph_view.php?filter Cross-Site Scripting
Cacti 0.8.7 - graphview.php?filter Cross-Site Scripting source: https://www.securityfocus.com/bid/27749/info Cacti is prone to multiple unspecified input-validation vulnerabilities, including: - Multiple cross-site scripting vulnerabilities - Multiple SQL-injection vulnerabilities - An HTTP...