8 matches found
Cacti <= 0.8.8f Multiple Vulnerabilities - Windows
Cacti is prone to multiple vulnerabilities. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2015-8604
SQL injection vulnerability in the hostnewgraphs function in graphsnew.php in Cacti 0.8.8f and earlier allows remote authenticated users to execute arbitrary SQL commands via the cgg parameter in a save action...
Amazon Linux AMI : cacti (ALAS-2016-673)
Various cross-site scripting XSS flaws CVE-2013-5588 , CVE-2014-5025 , CVE-2014-5026 and various SQL injection flaws CVE-2013-5589 , CVE-2015-4342 , CVE-2015-4634 , CVE-2015-8377 , CVE-2015-8604 were discovered affecting versions of Cacti prior to 0.8.8g. Cross-site scripting XSS vulnerability in...
Medium: cacti
Issue Overview: Various cross-site scripting XSS flaws CVE-2013-5588, CVE-2014-5025, CVE-2014-5026 and various SQL injection flaws CVE-2013-5589, CVE-2015-4342, CVE-2015-4634, CVE-2015-8377, CVE-2015-8604 were discovered affecting versions of Cacti prior to 0.8.8g. Cross-site scripting XSS...
Debian DSA-3494-1 : cacti - security update
Two SQL injection vulnerabilities were discovered in cacti, a web interface for graphing of monitoring systems. Specially crafted input can be used by an attacker in parameters of the graphsnew.php script to execute arbitrary SQL commands on the database. %NASLMINLEVEL 70300 C Tenable Network...
cacti: sql injection
CVE-2015-8604 sql injection SQL injection in graphsnew.php. - CVE-2015-8377 sql injection SQL injection vulnerability in the hostnewgraphssave function in graphsnew.php. - CVE-2015-8369 sql injection SQL injection in graph.php...
[SECURITY] [DSA 3494-1] cacti security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3494-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 27, 2016 https://www.debian.org/security/faq -...
cacti -- multiple vulnerabilities
The Cacti Group, Inc. reports: Changelog bug:0002652: CVE-2015-8604: SQL injection in graphsnew.php bug:0002655: CVE-2015-8377: SQL injection vulnerability in the hostnewgraphssave function in graphsnew.php bug:0002656: Authentication using web authentication as a user not in the cacti database...