45 matches found
EUVD-2017-7845
Malware in sbrugna...
EUVD-2016-4214
Malware in sbrugna...
EUVD-2017-7963
Malware in sbrugna...
EUVD-2015-0924
Malware in sbrugna...
EUVD-2023-43236
Malicious code in bioql PyPI...
PT-2025-6448 · Cacti +1 · Cacti +1
Name of the Vulnerable Software and Affected Versions: Cacti versions 1.2.29 and earlier Description: The issue allows SQL injection in the template function in host templates.php via the graph template parameter. This problem exists due to an incomplete fix for a previous issue. Recommendations:...
DSA-5862-1 cacti - security update
Bulletin has no description...
The vulnerability in the host_templates.php script of the Cacti network monitoring software allows a hacker to execute arbitrary code.
The vulnerability of the hosttemplates.php script of the Cacti network monitoring software is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...
The vulnerability of the build_rule_item_filter() function in the api_automation.php script of the Cacti network monitoring software allows a hacker to execute arbitrary code.
The vulnerability of the buildruleitemfilter function in the apiautomation.php script of the Cacti network monitoring software is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary cod...
The vulnerability of the graph creation function or graph template creation function of the Cacti network monitoring software allows a hacker to execute arbitrary code.
The vulnerability of the graph creation function or graph template creation function in the Cacti network monitoring software is related to improper handling of line separators. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...
The vulnerability of the web interface of the Cacti network monitoring software allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the web interface of the Cacti network monitoring software is related to errors in processing the relative path to the directory. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the functions ss_net_snmp_disk_io() and ss_net_snmp_disk_bytes() in the Cacti network monitoring software allows a attacker to execute arbitrary code.
The vulnerability of the ssnetsnmpdiskio and ssnetsnmpdiskbytes functions of the Cacti network monitoring software is related to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute...
CVE-2025-22604 Cacti has Authenticated RCE via multi-line SNMP responses
Cacti is an open source performance and fault management framework. Due to a flaw in multi-line SNMP result parser, authenticated users can inject malformed OIDs in the response. When processed by ssnetsnmpdiskio or ssnetsnmpdiskbytes, a part of each OID will be used as a key in an array that is...
PT-2025-1299
Name of the Vulnerable Software and Affected Versions Cacti versions prior to 1.2.29 Cacti versions prior to 1.2.24+ds1-1+deb12u5 Cacti versions prior to 1.2.16+ds1-2+deb11u5 Description Cacti, a web interface for graphing of monitoring systems, contains a flaw in its multi-line SNMP result parse...
The vulnerability of the links.php script in the Cacti network monitoring software allows a hacker to perform cross-site scripting attacks.
The vulnerability of the links.php script in the Cacti network monitoring software exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the links.php script in the Cacti network monitoring software allows a hacker to perform cross-site scripting attacks.
The vulnerability of the links.php script in the Cacti network monitoring software is related to the lack of security measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
The vulnerability of the automation_tree_rules_form_save() function in the Cacti network monitoring software allows a attacker to perform XSS attacks.
The vulnerability of the automationtreerulesformsave function in the Cacti network monitoring software automationtreerules.php is related to the lack of protective measures for the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...
The vulnerability of the Cacti network monitoring software lies in the lack of security measures for the website structure. This allows attackers to execute XSS attacks and execute arbitrary code.
The vulnerability of the Cacti network monitoring software is related to the lack of security measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks and execute arbitrary code...
The vulnerability of the displaySettings function in the Cacti network monitoring software allows a hacker to execute cross-site scripting.
The vulnerability of the displaySettings function in the Cacti network monitoring software relates to the failure to take measures to neutralize special elements. Exploiting this vulnerability can allow a malicious actor to execute cross-site scripting using forged cookie files...
DEBIAN-CVE-2024-31460
Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in automationtreerules.php is not thoroughly checked and is used to concatenate the SQL statement in createallheadernodes function from lib/apiautomation.php , finally resulti...