CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-23359

Malware in sbrugna...

8.8CVSS9.1AI score0.01924EPSS

Exploits1References10

NVD•added 2023/12/22 5:15 p.m.•17 views

CVE-2023-49088

Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in...

6.1CVSS0.0102EPSS

Exploits1References5

Prion•added 2023/12/22 5:15 p.m.•30 views

Cross site scripting

4.3CVSS6.5AI score0.0102EPSS

Exploits2References3Affected Software1

UbuntuCve•added 2023/12/22 5:15 p.m.•19 views

CVE-2023-49088

6.1CVSS6.6AI score0.0102EPSS

Exploits1References2

Cvelist•added 2023/12/22 4:16 p.m.•31 views

CVE-2023-49088 Cacti has incomplete fix for CVE-2023-39515

6.1CVSS7.8AI score0.0102EPSS

Exploits1References5

Debian CVE•added 2023/12/22 4:16 p.m.•68 views

CVE-2023-49088

6.1CVSS5.6AI score0.0102EPSS

Exploits1

CVE•added 2023/12/22 4:16 p.m.•82 views

CVE-2023-49088

Cacti vulnerability CVE-2023-49088 stems from an incomplete fix for CVE-2023-39515 in version 1.2.25, allowing an authenticated user with General Administration>Sites/Devices/Data to trigger a cross-site scripting (XSS) in the victim’s browser when hovering over the data source path in data_de...

6.1CVSS6.6AI score0.0102EPSS

Exploits1References5Affected Software1

CNNVD•added 2023/12/22 12:0 a.m.•1 views

Cacti security breach

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool obtains data via snmpget, analyzes it using RRDtool drawing graphs, and provides data and user management features. A security vulnerability exists in Cacti 1.2.25 and earlier versions, which...

6.1CVSS7.1AI score0.0102EPSS

Exploits1References5

SUSE CVE•added 2023/09/07 2:34 a.m.•1 views

SUSE CVE-2023-39515

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti accounts an...

6.1CVSS5.6AI score0.00294EPSS

Exploits1References5

Vulnrichment•added 2023/09/05 8:6 p.m.•1 views

CVE-2023-39515 Stored Cross-site Scripting on data_debug.php datasource path view in Cacti

6.1CVSS5AI score0.00294EPSS

Exploits1References6

Veracode•added 2021/01/21 4:50 a.m.•25 views

SQL Injection

Cacti is vulnerable to SQL injection. An attacker can inject malicious SQL code in datadebug.php...

8.8CVSS2.8AI score0.01924EPSS

Exploits1References10Affected Software1

CNVD•added 2021/01/12 12:0 a.m.•1 views

Cacti SQL Injection Vulnerability (CNVD-2021-02999)

Cacti is an open source, web-based network monitoring and mapping tool, a front-end application designed for the data logging tool RRDtool. A SQL injection vulnerability exists in datadebug.php in Cacti. An attacker can exploit this vulnerability to execute arbitrary SQL commands via the siteid...

8.8CVSS9.9AI score0.01924EPSS

Exploits1References1

OSV•added 2021/01/11 4:15 p.m.•2 views

DEBIAN-CVE-2020-35701

An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection vulnerability in datadebug.php allows remote authenticated attackers to execute arbitrary SQL commands via the siteid parameter. This can lead to remote code execution...

8.8CVSS9.6AI score0.01924EPSS

Exploits1References1

Prion•added 2021/01/11 4:15 p.m.•13 views

Sql injection

6.5CVSS8.8AI score0.01924EPSS

Exploits1References6Affected Software2

OSV•added 2021/01/11 4:15 p.m.•0 views

UBUNTU-CVE-2020-35701

8.8CVSS7.8AI score0.01924EPSS

Exploits1References5

Debian CVE•added 2021/01/11 3:57 p.m.•23 views

CVE-2020-35701