Lucene search
K

11 matches found

OpenVAS
OpenVAS
added 2016/04/26 12:0 a.m.43 views

Cacti <= 0.8.8f Multiple Vulnerabilities - Windows

Cacti is prone to multiple vulnerabilities. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.8AI score0.02319EPSS
Exploits7References3
Tenable Nessus
Tenable Nessus
added 2016/03/25 12:0 a.m.39 views

Amazon Linux AMI : cacti (ALAS-2016-673)

Various cross-site scripting XSS flaws CVE-2013-5588 , CVE-2014-5025 , CVE-2014-5026 and various SQL injection flaws CVE-2013-5589 , CVE-2015-4342 , CVE-2015-4634 , CVE-2015-8377 , CVE-2015-8604 were discovered affecting versions of Cacti prior to 0.8.8g. Cross-site scripting XSS vulnerability in...

8.8CVSS8AI score0.03227EPSS
Exploits7References11
Amazon
Amazon
added 2016/03/24 12:0 a.m.63 views

Medium: cacti

Issue Overview: Various cross-site scripting XSS flaws CVE-2013-5588, CVE-2014-5025, CVE-2014-5026 and various SQL injection flaws CVE-2013-5589, CVE-2015-4342, CVE-2015-4634, CVE-2015-8377, CVE-2015-8604 were discovered affecting versions of Cacti prior to 0.8.8g. Cross-site scripting XSS...

8.8CVSS8.6AI score0.03227EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2016/02/29 12:0 a.m.32 views

Debian DSA-3494-1 : cacti - security update

Two SQL injection vulnerabilities were discovered in cacti, a web interface for graphing of monitoring systems. Specially crafted input can be used by an attacker in parameters of the graphsnew.php script to execute arbitrary SQL commands on the database. %NASLMINLEVEL 70300 C Tenable Network...

8.8CVSS8.5AI score0.02315EPSS
Exploits3References5
ArchLinux
ArchLinux
added 2016/02/28 12:0 a.m.42 views

cacti: sql injection

CVE-2015-8604 sql injection SQL injection in graphsnew.php. - CVE-2015-8377 sql injection SQL injection vulnerability in the hostnewgraphssave function in graphsnew.php. - CVE-2015-8369 sql injection SQL injection in graph.php...

7.5CVSS2.1AI score0.02319EPSS
Exploits7References3
Debian
Debian
added 2016/02/27 8:13 p.m.31 views

[SECURITY] [DSA 3494-1] cacti security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3494-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 27, 2016 https://www.debian.org/security/faq -...

6.5CVSS2.7AI score0.02315EPSS
Exploits3
FreeBSD
FreeBSD
added 2016/02/21 12:0 a.m.28 views

cacti -- multiple vulnerabilities

The Cacti Group, Inc. reports: Changelog bug:0002652: CVE-2015-8604: SQL injection in graphsnew.php bug:0002655: CVE-2015-8377: SQL injection vulnerability in the hostnewgraphssave function in graphsnew.php bug:0002656: Authentication using web authentication as a user not in the cacti database...

8.8CVSS9.4AI score0.02686EPSS
Exploits3References5
OSV
OSV
added 2015/12/15 9:59 p.m.8 views

CVE-2015-8377

SQL injection vulnerability in the hostnewgraphssave function in graphsnew.php in Cacti 0.8.8f and earlier allows remote authenticated users to execute arbitrary SQL commands via crafted serialized data in the selectedgraphsarray parameter in a save action...

8.8AI score
Exploits0References4
NVD
NVD
added 2015/12/15 9:59 p.m.19 views

CVE-2015-8377

SQL injection vulnerability in the hostnewgraphssave function in graphsnew.php in Cacti 0.8.8f and earlier allows remote authenticated users to execute arbitrary SQL commands via crafted serialized data in the selectedgraphsarray parameter in a save action...

6.5CVSS8.8AI score0.01695EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2015/12/15 9:59 p.m.20 views

CVE-2015-8377

SQL injection vulnerability in the hostnewgraphssave function in graphsnew.php in Cacti 0.8.8f and earlier allows remote authenticated users to execute arbitrary SQL commands via crafted serialized data in the selectedgraphsarray parameter in a save action...

6.5CVSS7.5AI score0.01695EPSS
Exploits1References3
CVE
CVE
added 2015/12/15 9:0 p.m.86 views

CVE-2015-8377

CVE-2015-8377 affects Cacti up to version 0.8.8f. The vulnerability is a SQL injection in the host_new_graphs_save function (graphs_new.php) that allows remote authenticated users to execute arbitrary SQL commands via crafted serialized data in the selected_graphs_array parameter during a save ac...

6.5CVSS8.7AI score0.01695EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder