EUVD-2015-4365

Malware in sbrugna...

EUVD-2010-1459

Malware in sbrugna...

CVE-2025-26520

A flaw was found in Cacti. This vulnerability allows SQL injection via the graphtemplate parameter in the hosttemplates.php file. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of us...

CVE-2025-26520

Cacti through 1.2.29 allows SQL injection in the template function in hosttemplates.php via the graphtemplate parameter. NOTE: this issue exists because of an incomplete fix for CVE-2024-54146...

CVE-2025-26520

Cacti through 1.2.29 allows SQL injection in the template function in hosttemplates.php via the graphtemplate parameter. NOTE: this issue exists because of an incomplete fix for CVE-2024-54146...

CVE-2025-26520

Cacti through 1.2.29 allows SQL injection in the template function in hosttemplates.php via the graphtemplate parameter. NOTE: this issue exists because of an incomplete fix for CVE-2024-54146...

CVE-2025-24368 Cacti has a SQL Injection vulnerability when using tree rules through Automation API

Cacti is an open source performance and fault management framework. Some of the data stored in automationtreerules.php is not thoroughly checked and is used to concatenate the SQL statement in buildruleitemfilter function from lib/apiautomation.php, resulting in SQL injection. This vulnerability ...

CVE-2025-24368 Cacti has a SQL Injection vulnerability when using tree rules through Automation API

Cacti is an open source performance and fault management framework. Some of the data stored in automationtreerules.php is not thoroughly checked and is used to concatenate the SQL statement in buildruleitemfilter function from lib/apiautomation.php, resulting in SQL injection. This vulnerability ...

CVE-2024-54145

Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the getdiscoveryresults function of automationdevices.php using the network parameter. This vulnerability is fixed in 1.2.29...

CVE-2024-54145 Cacti has a SQL Injection vulnerability when request automation devices

Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the getdiscoveryresults function of automationdevices.php using the network parameter. This vulnerability is fixed in 1.2.29...

CVE-2024-54145 Cacti has a SQL Injection vulnerability when request automation devices

Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the getdiscoveryresults function of automationdevices.php using the network parameter. This vulnerability is fixed in 1.2.29...

CVE-2024-54145

Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the getdiscoveryresults function of automationdevices.php using the network parameter. This vulnerability is fixed in 1.2.29...

CVE-2024-54146

Cacti (open source performance/fault management) is affected by a SQL injection in the template function host_templates.php via the graph_template parameter. The issue is tied to CVE-2024-54146 and is noted as due to an incomplete fix, with the vulnerability present up to version 1.2.29. The CVSS...

CVE-2024-54146 Cacti has a SQL Injection vulnerability when view host template

Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the template function of hosttemplates.php using the graphtemplate parameter. This vulnerability is fixed in 1.2.29...

CVE-2024-31458 Cacti SQL Injection vulnerability in lib/html_form_templates.php by reading dirty data stored in database

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in formsave function in graphtemplateinputs.php is not thoroughly checked and is used to concatenate the SQL statement in drawnontemplatedfieldsgraphitem function from...

UBUNTU-CVE-2023-51448

Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection SQLi vulnerability within the SNMP Notification Receivers feature in the file ‘managers.php’. An authenticated attacker with the “Settings/Utilities” permission can send a crafted HTT...

UBUNTU-CVE-2023-39361

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graphview.php. Since guest users can access graphview.php without authentication by default, if guest users are being utilized in an enabled state, there...

Cacti <= 0.8.7e - SQL Injection

No description provided by source. he following is a Proof of Concept POST request: POST /cacti-0.8.7e/templatesexport.php HTTP/1.1 Host: 192.168.1.107 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0...

CVE-2004-1737

SQL injection vulnerability in authlogin.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the 1 username or 2 password parameters...

FreeBSD : cacti -- SQL injection (23)

The following package needs to be updated: cacti %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgca543e06207a11d9814e0001020eed82.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-20...