9 matches found
USN-5214-1: Cacti vulnerabilities
It was discovered that Cacti was incorrectly validating permissions for user accounts that had been recently disabled. An authenticated attacker could possibly use this to obtain unauthorized access to application and system data. CVE-2020-13230 It was discovered that Cacti was incorrectly...
Fedora: Security Advisory for cacti-spine (FEDORA-2021-6dfba2aabf)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for cacti (FEDORA-2021-6dfba2aabf)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for cacti-spine (FEDORA-2021-0e0fd08e44)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
GLSA-202101-31 : Cacti: Remote code execution
The remote host is affected by the vulnerability described in GLSA-202101-31 Cacti: Remote code execution The sideid parameter in datadebug.php does not properly verify input allowing SQL injection. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the proces...
CVE-2020-35701
An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection vulnerability in datadebug.php allows remote authenticated attackers to execute arbitrary SQL commands via the siteid parameter. This can lead to remote code execution...
CVE-2020-35701
CVE-2020-35701 affects Cacti 1.2.x through 1.2.16. A SQL injection in data_debug.php via the site_id parameter allows remote authenticated attackers to execute arbitrary SQL commands, with potential remote code execution. Remediation: upgrade to Cacti 1.2.17 (or apply vendor patches) as indicated...
CVE-2020-35701
An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection vulnerability in datadebug.php allows remote authenticated attackers to execute arbitrary SQL commands via the siteid parameter. This can lead to remote code execution...
CVE-2020-35701
An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection vulnerability in datadebug.php allows remote authenticated attackers to execute arbitrary SQL commands via the siteid parameter. This can lead to remote code execution...