22 matches found
EUVD-2017-1359
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-1000031
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection vulnerability in graphtemplatesinputs.php in Cacti 0.8.8b allows remote attackers to execute arbitrary SQL commands via the graphtemplateinputid a...
SUSE CVE-2014-5026
Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a 1 Graph Tree Title in a delete or 2 edit action; 3 CDEF Name, 4 Data Input Method Name, or 5 Host Templates Name in a delete action; ...
CVE-2017-1000032
Cross-Site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the parentid parameter to tree.php and drpaction parameter to datasources.php...
Cross site scripting
Cross-Site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the parentid parameter to tree.php and drpaction parameter to datasources.php...
CVE-2017-1000032
Cross-Site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the parentid parameter to tree.php and drpaction parameter to datasources.php...
CVE-2017-1000031
SQL injection vulnerability in graphtemplatesinputs.php in Cacti 0.8.8b allows remote attackers to execute arbitrary SQL commands via the graphtemplateinputid and graphtemplateid parameters...
CVE-2017-1000032
CVE-2017-1000032 : XSS in Cacti 0.8.8b allows remote attackers to inject arbitrary web script or HTML via the parent_id parameter to tree.php and the drp_action parameter to data_sources.php. The connected notices (SU̲SE, NVD, CNVD, OSV, etc.) consistently describe the vulnerability in Cacti 0.8.8...
CVE-2017-1000031
CVE-2017-1000031 involves a SQL injection in the Cacti project (version 0.8.8b) where the vulnerability is located in the graph_templates_inputs.php mechanism. An attacker can leverage the parameters graph_template_input_id and graph_template_id to execute arbitrary SQL commands remotely. The con...
CVE-2017-1000032
Cross-Site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the parentid parameter to tree.php and drpaction parameter to datasources.php...
CVE-2014-5026
Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a 1 Graph Tree Title in a delete or 2 edit action; 3 CDEF Name, 4 Data Input Method Name, or 5 Host Templates Name in a delete action; ...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a 1 Graph Tree Title in a delete or 2 edit action; 3 CDEF Name, 4 Data Input Method Name, or 5 Host Templates Name in a delete action; ...
CVE-2014-5026
Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a 1 Graph Tree Title in a delete or 2 edit action; 3 CDEF Name, 4 Data Input Method Name, or 5 Host Templates Name in a delete action; ...
CVE-2014-5025
Cross-site scripting XSS vulnerability in datasources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the namecache parameter in a dsedit action...
Immunity Canvas: CVE_2014_5261
Name| CVE20145261 ---|--- CVE| CVE-2014-5261 Exploit Pack| CANVAS Description| CVE-2014-5261 Notes| CVE Name: CVE-2014-5261 VENDOR: The Cacti Group Changelog: http://svn.cacti.net/viewvc?view=rev&revision=7454 Notes: This is a post-authentication command injection vulnerability in Cacti 0.8.8b,...
CVE-2014-4002
Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the 1 drpaction parameter to cdef.php, 2 datainput.php, 3 dataqueries.php, 4 datasources.php, 5 datatemplates.php, 6 graphtemplates.php, 7 graphs.php, 8 host.php, or...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the 1 drpaction parameter to cdef.php, 2 datainput.php, 3 dataqueries.php, 4 datasources.php, 5 datatemplates.php, 6 graphtemplates.php, 7 graphs.php, 8 host.php, or...
CVE-2014-4002
Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the 1 drpaction parameter to cdef.php, 2 datainput.php, 3 dataqueries.php, 4 datasources.php, 5 datatemplates.php, 6 graphtemplates.php, 7 graphs.php, 8 host.php, or...
CVE-2014-4002
Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the 1 drpaction parameter to cdef.php, 2 datainput.php, 3 dataqueries.php, 4 datasources.php, 5 datatemplates.php, 6 graphtemplates.php, 7 graphs.php, 8 host.php, or...
CVE-2014-4002
CVE-2014-4002 is a set of cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b that affect multiple PHP scripts and parameters, including drp_action in cdef.php and numerous others (data_input.php, data_queries.php, data_sources.php, data_templates.php, graph_templates.php, graphs.php, host...