CVE-2007-3112

graphimage.php in Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service CPU consumption via a large value of the 1 graphstart or 2 graphend parameter, different vectors than CVE-2007-3113...

CVE-2007-3112

graphimage.php in Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service CPU consumption via a large value of the 1 graphstart or 2 graphend parameter, different vectors than CVE-2007-3113...

CVE-2007-3112

CVE-2007-3112 affects Cacti 0.8.6i and possibly other versions, where remote authenticated users can cause CPU-based denial of service by sending large values for graph_start or graph_end in graph_image.php (different vectors than CVE-2007-3113). The issue relates to input handling in graph rende...

CVE-2005-2148

Cacti 0.8.6e and earlier does not perform proper input validation to protect against common attacks, which allows remote attackers to execute arbitrary commands or SQL by sending a legitimate value in a POST request or cookie, then specifying the attack string in the URL, which causes the...

Cacti 0.8.6d - Remote Command Execution

Cacti 0.8.6d - Remote Command Execution Note: This exploit contains backdoor shell code that is not located on this server. /str0ke !/usr/bin/perl Remote Command Execution Exploit for Cacti http://www.example.com/cacti/graphimage.php?localgraphid=validvalue&graphstart=%0acommand%0a Patch: downloa...