Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Packet Storm
Packet Stormadded 2026/03/23 12:0 a.m.123 views

📄 OpenEMR 8.0.0 Authenticated SQL Injection

OpenEMR version 8.0.0 authenticated remote SQL injection exploit that leverages the name parameter in ajax/graphs.php. ====================================================================================================================== | Title : OpenEMR 8.0.0 Authenticated SQL Injection via nam...

8.8CVSS5.9AI score0.00327EPSS
Exploits2
Tenable Nessus
Tenable Nessusadded 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-17357

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti through 1.2.7 is affected by a graphs.php?templateid= SQL injection vulnerability affecting how template identifiers are handled when a string and id...

6.5CVSS6.5AI score0.35041EPSS
Exploits0References2
BDU FSTEC
BDU FSTECadded 2023/09/13 12:0 a.m.3 views

The vulnerability of the ajax_hosts() and ajax_hosts_noany() functions (graphs.php) of the Cacti network monitoring tool allows a hacker to execute arbitrary SQL queries.

The vulnerability of the ajaxhosts and ajaxhostsnoany functions graphs.php of the Cacti network monitoring tool is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries using a specially...

9CVSS8.2AI score0.01689EPSS
Exploits1References4Affected Software1
OSV
OSVadded 2023/09/05 9:15 p.m.1 views

DEBIAN-CVE-2023-39359

Cacti is an open source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability resides in the graphs.php file. When dealing wit...

8.8CVSS9.7AI score0.01689EPSS
Exploits1References1
OSV
OSVadded 2023/09/05 9:15 p.m.2 views

UBUNTU-CVE-2023-39359

Cacti is an open source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability resides in the graphs.php file. When dealing wit...

8.8CVSS7.5AI score0.01689EPSS
Exploits1References3
OSV
OSVadded 2020/01/21 7:15 p.m.1 views

UBUNTU-CVE-2019-17357

Cacti through 1.2.7 is affected by a graphs.php?templateid= SQL injection vulnerability affecting how template identifiers are handled when a string and id composite value are used to identify the template type and id. An authenticated attacker can exploit this to extract data from the database, ...

6.5CVSS6.7AI score0.35041EPSS
Exploits0References4
Rows per page
Query Builder