Lucene search
+L

11 matches found

OpenVAS
OpenVAS
added 2024/06/07 12:0 a.m.39 views

Fedora: Security Advisory (FEDORA-2024-27a594f71d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.5AI score0.86303EPSS
Exploits35References12
Debian
Debian
added 2024/03/24 1:1 p.m.140 views

[SECURITY] [DSA 5646-1] cacti security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5646-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 24, 2024 https://www.debian.org/security/faq -...

8.8CVSS8.5AI score0.84628EPSS
Exploits11
Tenable Nessus
Tenable Nessus
added 2024/03/24 12:0 a.m.40 views

Debian dsa-5646 : cacti - security update

The remote Debian 11 / 12 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5646 advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5646...

8.8CVSS6.9AI score0.84628EPSS
Exploits11References17
Debian
Debian
added 2024/03/18 6:26 p.m.161 views

[SECURITY] [DLA 3765-1] cacti security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3765-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler March 18, 2024 https://wiki.debian.org/LTS -...

9.8CVSS9.2AI score0.87688EPSS
Exploits22
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.22 views

openSUSE Security Advisory (openSUSE-SU-2024:0031-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.8AI score0.84628EPSS
Exploits10References8
Rapid7 Blog
Rapid7 Blog
added 2024/02/09 7:35 p.m.50 views

Metasploit Weekly Wrap-Up 02/09/2024

Go go gadget Fortra GoAnywhere MFT Module This Metasploit release contains a module for one of 2024's hottest vulnerabilities to date: CVE-2024-0204. The path traversal vulnerability in Fortra GoAnywhere MFT allows for unauthenticated attackers to access the InitialAccountSetup.xhtml endpoint whi...

7.5CVSS8.6AI score0.95086EPSS
Exploits13
Packet Storm
Packet Storm
added 2024/02/05 12:0 a.m.381 views

Cacti pollers.php SQL Injection / Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cacti RCE via SQLi in pollers.php', 'Description' = %q This exploit module leverages a SQLi CVE-2023-49085 and a LFI CVE-2023-49084 vulnerability...

8.8CVSS7.4AI score0.84628EPSS
Exploits5
0day.today
0day.today
added 2024/02/05 12:0 a.m.515 views

Cacti pollers.php SQL Injection / Remote Code Execution Exploit

This Metasploit exploit module leverages sql injection and local file inclusion vulnerabilities in Cacti versions prior to 1.2.26 to achieve remote code execution. Authentication is needed and the account must have access to the vulnerable PHP script pollers.php. This is granted by setting the...

8.8CVSS9.3AI score0.84628EPSS
Exploits5
Metasploit
Metasploit
added 2024/02/02 7:51 p.m.260 views

Cacti RCE via SQLi in pollers.php

This exploit module leverages a SQLi CVE-2023-49085 and a LFI CVE-2023-49084 vulnerability in Cacti versions prior to 1.2.26 to achieve RCE. Authentication is needed and the account must have access to the vulnerable PHP script pollers.php. This is granted by setting the Sites/Devices/Data...

8.8CVSS8.4AI score0.84628EPSS
Exploits5
Circl
Circl
added 2023/12/22 6:23 p.m.10 views

CVE-2023-49085

creationtimestamp| type| source ---|---|--- 2023-12-22 18:23:25+00:00| seen| https://t.me/ctinow/158512 2023-12-28 12:41:20+00:00| published-proof-of-concept| https://t.me/ptswarm/195 2023-12-29 21:17:21+00:00| seen| https://t.me/ctinow/160688 2024-02-02 17:02:14+00:00| seen|...

8.8CVSS8.5AI score0.84628EPSS
Exploits4References4
CVE
CVE
added 2023/12/22 4:13 p.m.85 views

CVE-2023-49085

CVE-2023-49085 affects Cacti up to 1.2.25 (pollers.php) via SQL injection in pollers.php, with public references describing an attack path leading to remote code execution when combined with other vulnerabilities. Exploitation is demonstrated in a Metasploit module (requires auth with Sites/Devic...

8.8CVSS8.9AI score0.84628EPSS
Exploits4References5Affected Software1
Rows per page
Query Builder