
11 matches found

RedhatCVE
added 2025/05/22 11:38 p.m. | 2 views

CVE-2022-41444

Cross Site Scripting (XSS) vulnerability in Cacti 1.2.21 via crafted POST request to graphs_new.php...

CVSS: 6.1 | AI score: 5.7 | EPSS: 0.00626
Exploits: 1 | References: 1
SUSE CVE
added 2023/12/23 2:38 a.m. | 1 view

SUSE CVE-2023-49086

Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). A vulnerability in versions prior to 1.2.27 bypasses an earlier fix for CVE-2023-39360, therefore leading to a DOM XSS attack. Exploitation of the vulnerability is possible for an...

CVSS: 5.4 | AI score: 6.6 | EPSS: 0.01481
Exploits: 1 | References: 4
CNNVD
added 2023/12/21 12:0 a.m. | 3 views

Cacti Cross-Site Scripting Vulnerability

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool uses snmpget to obtain data, uses RRDtool to draw graphs for analysis, and provides data and user management features. A cross-site scripting vulnerability exists in Cacti versions prior to 1.2.26,...

CVSS: 5.4 | AI score: 6.7 | EPSS: 0.01481
Exploits: 1 | References: 7
BDU FSTEC
added 2023/09/26 12:0 a.m. | 1 view

The vulnerability of the graphs_new.php component in the Cacti network monitoring software allows a hacker to perform cross-site scripting attacks.

The vulnerability of the graphs_new.php component in the Cacti network monitoring software is related to the lack of security measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...

CVSS: 10 | AI score: 6 | EPSS: 0.00626
Exploits: 1 | References: 3 | Affected Software: 1
SUSE CVE
added 2023/09/07 2:34 a.m. | 2 views

SUSE CVE-2023-39360

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site Scripting (XSS) vulnerability that allows an authenticated user to poison data. The vulnerability is found in graphs_new.php. Several validations are performed, but the...

CVSS: 6.1 | AI score: 6.2 | EPSS: 0.00767
Exploits: 1 | References: 5
OSV
added 2023/09/05 10:15 p.m. | 1 view

DEBIAN-CVE-2023-30534

Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24. While a viable gadget chain exists in Cacti’s vendor directory (phpseclib), the necessary gadgets are not included, making them inaccessible an...

CVSS: 4.3 | AI score: 7 | EPSS: 0.02569
Exploits: 1 | References: 1
OSV
added 2023/09/05 10:15 p.m. | 2 views

UBUNTU-CVE-2023-30534

Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24. While a viable gadget chain exists in Cacti’s vendor directory (phpseclib), the necessary gadgets are not included, making them inaccessible an...

CVSS: 4.3 | AI score: 7.3 | EPSS: 0.02569
Exploits: 1 | References: 3
OSV
added 2023/09/05 9:15 p.m. | 1 view

DEBIAN-CVE-2023-39360

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site Scripting (XSS) vulnerability that allows an authenticated user to poison data. The vulnerability is found in graphs_new.php. Several validations are performed, but the...

CVSS: 6.1 | AI score: 5.6 | EPSS: 0.00767
Exploits: 1 | References: 1
Positive Technologies
added 2023/08/22 12:0 a.m. | 2 views

PT-2023-5429 · Cacti · Cacti

Name of the Vulnerable Software and Affected Versions: Cacti version 1.2.21
Description: The issue is related to a Cross Site Scripting (XSS) vulnerability. It can be exploited via a crafted POST request to the "graphs_new.php" endpoint. This vulnerability may allow a remote attacker to perform...

CVSS: 10 | AI score: 6.6 | EPSS: 0.86303
Exploits: 25 | References: 45
CNNVD
added 2023/08/22 12:0 a.m. | 2 views

Cacti Cross-Site Scripting Vulnerability

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool uses snmpget to obtain data, uses RRDtool to draw graphs for analysis, and provides data and user management features. A cross-site scripting vulnerability exists in Cacti version 1.2.21, whi...

CVSS: 6.1 | AI score: 5.8 | EPSS: 0.00626
Exploits: 1 | References: 2
OSV
added 2015/12/15 9:59 p.m. | 1 view

UBUNTU-CVE-2015-8377

SQL injection vulnerability in the host_new_graphs_save function in graphs_new.php in Cacti 0.8.8f and earlier allows remote authenticated users to execute arbitrary SQL commands via crafted serialized data in the selected_graphs_array parameter in a save action...

CVSS: 6.5 | AI score: 7.7 | EPSS: 0.01695
Exploits: 1 | References: 4