8 matches found
Cacti 'data_input.php' Cross Site Scripting Vulnerability
Cacti is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the...
Gentoo Security Advisory GLSA 200803-18 (cacti)
The remote host is missing updates announced in advisory GLSA 200803-18. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
[SECURITY] [DSA 1569-3] New cacti packages fix regression
------------------------------------------------------------------------ Debian Security Advisory DSA-1569-3 [email protected] http://www.debian.org/security/ Thijs Kinkhorst July 15, 2008 http://www.debian.org/security/faq -...
GLSA-200803-18 : Cacti: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200803-18 Cacti: Multiple vulnerabilities The following inputs are not properly sanitized before being processed: 'viewtype' parameter in the file graph.php, 'filter' parameter in the file graphview.php, 'action' and 'loginusernam...
CVE-2008-0783
Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to inject arbitrary web script or HTML via 1 the viewtype parameter to graph.php; 2 the filter parameter to graphview.php; 3 the action parameter to the drawnavigationtext...
CVE-2008-0783
Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to inject arbitrary web script or HTML via 1 the viewtype parameter to graph.php; 2 the filter parameter to graphview.php; 3 the action parameter to the drawnavigationtext...
CVE-2008-0783
Cacti is affected by multiple input-validation and XSS vulnerabilities (CVE-2008-0783 and related CVEs) in versions up to 0.8.7b and 0.8.6k. The OpenVAS/OpenVAS-derived notes identify several specific vectors for CVE-2008-0783: view_type in graph.php; filter in graph_view.php; action in lib/funct...
CVE-2008-0783
Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to inject arbitrary web script or HTML via 1 the viewtype parameter to graph.php; 2 the filter parameter to graphview.php; 3 the action parameter to the drawnavigationtext...