CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2014-4924

Malware in sbrugna...

3.5CVSS8.6AI score0.00453EPSS

Exploits1References12

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-28240

Malware in sbrugna...

6.1CVSS6.1AI score0.03534EPSS

Exploits1References13

Debian CVE•added 2023/09/05 9:9 p.m.•25 views

CVE-2023-39516

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability which allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti...

6.1CVSS5.3AI score0.00324EPSS

Exploits1

OSV•added 2020/01/16 4:15 a.m.•26 views

CVE-2020-7106

Cacti 1.2.8 has stored XSS in datasources.php, colortemplatesitem.php, graphs.php, graphitems.php, lib/apiautomation.php, useradmin.php, and usergroupadmin.php, as demonstrated by the description parameter in datasources.php a raw string from the database that is displayed by $header to trigger t...

6.1CVSS5.9AI score

Exploits0References11

NVD•added 2020/01/16 4:15 a.m.•14 views

CVE-2020-7106

6.1CVSS7AI score0.03534EPSS

Exploits1References11

CVE•added 2020/01/16 3:55 a.m.•271 views

CVE-2020-7106

CVE-2020-7106 affects Cacti 1.2.8, with stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php; root cause is improper escaping/display of a raw string from the database (via $header). Public advisori...

6.1CVSS6.7AI score0.03534EPSS

Exploits1References11Affected Software1

Debian CVE•added 2020/01/16 3:55 a.m.•32 views

CVE-2020-7106

6.1CVSS5.8AI score0.03534EPSS

Exploits1

NVD•added 2017/07/17 1:18 p.m.•17 views

CVE-2017-1000032

Cross-Site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the parentid parameter to tree.php and drpaction parameter to datasources.php...

6.1CVSS6.3AI score0.00196EPSS

Exploits0References1

CVE•added 2017/07/13 8:0 p.m.•55 views

CVE-2017-1000032

CVE-2017-1000032 : XSS in Cacti 0.8.8b allows remote attackers to inject arbitrary web script or HTML via the parent_id parameter to tree.php and the drp_action parameter to data_sources.php. The connected notices (SU̲SE, NVD, CNVD, OSV, etc.) consistently describe the vulnerability in Cacti 0.8.8...

6.1CVSS6.6AI score0.00196EPSS

Exploits0References1Affected Software1

Cvelist•added 2017/07/13 8:0 p.m.•18 views

CVE-2017-1000032

6.7AI score0.00196EPSS

Exploits0References1

Debian CVE•added 2014/10/20 5:0 p.m.•30 views

CVE-2014-5025

Cross-site scripting XSS vulnerability in datasources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the namecache parameter in a dsedit action...

3.5CVSS7.2AI score0.00453EPSS

Exploits1

Debian CVE•added 2014/07/03 2:0 p.m.•23 views

CVE-2014-4002

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the 1 drpaction parameter to cdef.php, 2 datainput.php, 3 dataqueries.php, 4 datasources.php, 5 datatemplates.php, 6 graphtemplates.php, 7 graphs.php, 8 host.php, or...

4.3CVSS7.9AI score0.00431EPSS

Exploits0

CVE•added 2010/08/23 8:0 p.m.•84 views

CVE-2010-2545

Cacti before 0.8.7g contains multiple XSS vulnerabilities (including CVE-2010-2545) in various templates and admin paths. The GLSA notes remote script injection and the need to upgrade to the 0.8.8+ series as remediation; affected vectors include template name and numerous PHP/graph-related compo...

4.3CVSS5.2AI score0.01797EPSS

Exploits1References14Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by