Lucene search
K

7 matches found

NVD
NVD
added 2010/05/04 4:0 p.m.26 views

CVE-2010-1431

SQL injection vulnerability in templatesexport.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the exportitemid parameter...

7.5CVSS8.2AI score0.03802EPSS
Exploits0References15
Prion
Prion
added 2010/05/04 4:0 p.m.29 views

Sql injection

SQL injection vulnerability in templatesexport.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the exportitemid parameter...

7.5CVSS8.8AI score0.03802EPSS
Exploits0References15Affected Software1
CVE
CVE
added 2010/05/04 3:0 p.m.80 views

CVE-2010-1431

The CVE-2010-1431 entry affects Cacti up to version 0.8.7e, where templates_export.php is vulnerable to SQL injection via the export_item_id parameter. This allows remote attackers to execute arbitrary SQL commands against the database. Multiple advisories confirm the issue and patches exist (e.g...

7.5CVSS8.2AI score0.03802EPSS
Exploits0References15Affected Software1
exploitpack
exploitpack
added 2010/04/22 12:0 a.m.9 views

Cacti 0.8.7e - SQL Injection

Cacti 0.8.7e - SQL Injection CVSSv2 Score: 9 AV:N/AC:L/Au:S/C:C/I:C/A:C A Vulnerability has been discovered in Cacti, which can be exploited by any user to conduct SQL Injection attacks. Input passed via the “exportitemid” parameter to “templatesexport.php” script is not properly sanitized before...

8.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/12/28 12:0 a.m.36 views

Fedora 11 : cacti-0.8.7e-3.fc11 (2009-12575)

This fix contains several official patches from cacti: Command Line Add Graphs Syntax SNMP Invalid Responses Template Import/Export Duplication Cross-Site Scripting Fixes http://www.cacti.net/downloadpatches.php Note that Tenable Network Security has extracted the preceding description block...

4.3CVSS5.3AI score0.05739EPSS
Exploits6References4
Prion
Prion
added 2009/11/29 1:7 p.m.21 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.7e allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 graph.php, 2 include/topgraphheader.php, 3 lib/htmlform.php, and 4 lib/timespansettings.php, as demonstrated by the a graphend or b graphstart...

4.3CVSS5.7AI score0.05739EPSS
Exploits6References24Affected Software1
Debian CVE
Debian CVE
added 2009/11/27 7:0 p.m.36 views

CVE-2009-4032

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.7e allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 graph.php, 2 include/topgraphheader.php, 3 lib/htmlform.php, and 4 lib/timespansettings.php, as demonstrated by the a graphend or b graphstart...

4.3CVSS5.6AI score0.05739EPSS
Exploits6
Rows per page
Query Builder