EUVD-2023-41430

Malicious code in bioql PyPI...

CVE-2023-37543

Cacti before 1.2.6 allows IDOR Insecure Direct Object Reference for accessing any graph via a modified localgraphid parameter to graphxport.php. This is a different vulnerability than CVE-2019-16723...

SUSE CVE-2014-2708

Multiple SQL injection vulnerabilities in graphxport.php in Cacti 0.8.7g, 0.8.8b, and earlier allow remote attackers to execute arbitrary SQL commands via the 1 graphstart, 2 graphend, 3 graphheight, 4 graphwidth, 5 graphnolegend, 6 printsource, 7 localgraphid, or 8 rraid parameter...

Cacti <= 0.8.7 graph_xport.php local_graph_id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/27749/info Cacti is prone to multiple unspecified input-validation vulnerabilities, including: - Multiple cross-site scripting vulnerabilities - Multiple SQL-injection vulnerabilities - An HTTP response-splitting...

Cacti 'graph_xport.php' SQL注入漏洞

Bugtraq ID:66555 Cacti是一套基于PHP,MySQL,SNMP及RRDTool开发的网络流量监测图形分析工具。 Cacti 'graphxport.php'存在SQL注入漏洞，成功利用后可使攻击者执行未授权数据库操作。 0 Cacti 0.8.8b 目前厂商已经发布了升级补丁以修复漏洞，请下载使用： http://cacti.net/...

CVE-2008-0785

Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the 1 graphlist parameter to graphview.php, 2 leafid and id parameters to tree.php, 3 localgraphid parameter to graphxport.php, and 4...