Cross Site Scripting(XSS)

cacti:sid library is vulnerable of Cross Site Scripting. The vulnerability is due to execution of arbitrary Java script code in the attacked user's browser by using vulnerable component is the graphsnew.php. It allows the attacker to execute of arbitrary Java script code and leads to DOM XSS atta...

SQL Injection (SQLi)

cacti:sid is a vulnerable of SQL Injection SQLi. The vulnerability due to receiving feature of SNMP Notification in the file ‘managers.php’. It leads to SQL Injection by allows the authenticated attacker with the “Settings/Utilities” permission can send a crafted HTTP GET request to the endpoint...