Linux Distros Unpatched Vulnerability : CVE-2023-49088

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables ...

SUSE CVE-2023-49088

Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in...

CVE-2023-49088

Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in...

DEBIAN-CVE-2023-49088

Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in...

CVE-2023-49088

Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in...

UBUNTU-CVE-2023-49088

Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in...

UBUNTU-CVE-2023-39515

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti accounts an...

PT-2023-8200 · Cacti +1 · Cacti +1

Name of the Vulnerable Software and Affected Versions: Cacti versions prior to 1.2.25 Description: The issue exists due to inadequate protection of the web page structure, allowing a remote attacker to execute arbitrary code. This can be achieved through a cross-site scripting attack when a victi...

PT-2023-4940 · Cacti +1 · Cacti +1

Name of the Vulnerable Software and Affected Versions: Cacti versions prior to 1.2.25 Description: The issue exists due to inadequate protection of the web page structure in the data debug.php script of the Cacti network monitoring tool. This allows a remote attacker to conduct cross-site scripti...

SUSE CVE-2020-35701

An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection vulnerability in datadebug.php allows remote authenticated attackers to execute arbitrary SQL commands via the siteid parameter. This can lead to remote code execution...

PT-2021-11829 · Cacti +4 · Cacti +4

Name of the Vulnerable Software and Affected Versions: Cacti versions 1.2.x through 1.2.16 Description: A SQL injection issue in data debug.php allows remote authenticated attackers to execute arbitrary SQL commands via the site id parameter, potentially leading to remote code execution...

CVE-2016-8889

In Bitcoin Knots v0.11.0.ljr20150711 through v0.13.0.knots20160814 fixed in v0.13.1.knots20161027, the debug console stores sensitive information including private keys and the wallet passphrase in its persistent command history...