9 matches found
Amazon Linux AMI : cacti (ALAS-2016-673)
Various cross-site scripting XSS flaws CVE-2013-5588 , CVE-2014-5025 , CVE-2014-5026 and various SQL injection flaws CVE-2013-5589 , CVE-2015-4342 , CVE-2015-4634 , CVE-2015-8377 , CVE-2015-8604 were discovered affecting versions of Cacti prior to 0.8.8g. Cross-site scripting XSS vulnerability in...
Medium: cacti
Issue Overview: Various cross-site scripting XSS flaws CVE-2013-5588, CVE-2014-5025, CVE-2014-5026 and various SQL injection flaws CVE-2013-5589, CVE-2015-4342, CVE-2015-4634, CVE-2015-8377, CVE-2015-8604 were discovered affecting versions of Cacti prior to 0.8.8g. Cross-site scripting XSS...
CVE-2015-4634
SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the localgraphid parameter...
CVE-2015-4634
CVE-2015-4634 is a SQL injection vulnerability in Cacti’s graphs.php. The issue allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter in versions prior to 0.8.8e. Public advisories (openSUSE-2015-510, ALAS-2016-673, Debian DSA-3312, CNVD/CVE records) confirm t...
CVE-2015-4634
SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the localgraphid parameter...
CVE-2015-4634
SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the localgraphid parameter...
openSUSE Security Update : cacti (openSUSE-2015-510)
Cacti was updated to 0.8.8e to fix several security issues. The following vulnerabilities were fixed : - Multiple XSS and SQL injection vulnerabilities boo937997 - CVE-2015-4634: SQL injection in graphs.php boo937997 In addition, this update contains upstream bug fixes. %NASLMINLEVEL 70300 C...
Debian DSA-3312-1 : cacti - security update
Multiple SQL injection vulnerabilities were discovered in cacti, a web interface for graphing of monitoring systems. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3312. The text itself i...
FreeBSD : cacti -- Multiple XSS and SQL injection vulnerabilities (0bfda05f-2e6f-11e5-a4a5-002590263bf5)
The Cacti Group, Inc. reports : Important Security Fixes - Multiple XSS and SQL injection vulnerabilities - CVE-2015-4634 - SQL injection in graphs.php Changelog - bug: Fixed various SQL Injection vectors - bug0002574: SQL Injection Vulnerabilities in graph items and graph template items -...