CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25 matches found

Tenable Nessus•added 2025/08/27 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2023-39360

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework.Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability...

6.1CVSS6.1AI score0.00629EPSS

Exploits1References2

Tenable Nessus•added 2025/08/26 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2022-41444

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross Site Scripting XSS vulnerability in Cacti 1.2.21 via crafted POST request to graphsnew.php. CVE-2022-41444 Note that Nessus relies on the presence of the...

6.1CVSS6.4AI score0.00285EPSS

Exploits1References2

Prion•added 2023/12/22 12:15 a.m.•22 views

Design/Logic Flaw

Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database TSDB. Bypassing an earlier fix CVE-2023-39360 that leads to a DOM XSS attack. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is the...

4.9CVSS6.5AI score0.00949EPSS

Exploits2References1Affected Software1

UbuntuCve•added 2023/12/22 12:15 a.m.•43 views

CVE-2023-49086

Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database TSDB. A vulnerability in versions prior to 1.2.27 bypasses an earlier fix for CVE-2023-39360, therefore leading to a DOM XSS attack. Exploitation of the vulnerability is possible for an...

5.4CVSS6.2AI score0.00949EPSS

Exploits1References2

Debian CVE•added 2023/12/21 11:29 p.m.•35 views

CVE-2023-49086

5.4CVSS5.5AI score0.00949EPSS

Exploits1

AlpineLinux•added 2023/12/21 11:29 p.m.•37 views

CVE-2023-49086

6.1CVSS7.4AI score0.00949EPSS

Exploits2References4

OSV•added 2023/12/21 11:29 p.m.•31 views

CVE-2023-49086 Cacti is vulnerable to cross-Site scripting (XSS) DOM

5.4CVSS5.4AI score0.00949EPSS

Exploits1References6

NVD•added 2023/09/05 10:15 p.m.•15 views

CVE-2023-30534

Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24. While a viable gadget chain exists in Cacti’s vendor directory phpseclib, the necessary gadgets are not included, making them inaccessible an...

4.3CVSS4.9AI score0.5495EPSS

Exploits1References5

Cvelist•added 2023/09/05 9:21 p.m.•16 views

CVE-2023-30534 Insecure Deserialization in Cacti

4.3CVSS7.2AI score0.5495EPSS

Exploits1References5

AlpineLinux•added 2023/09/05 9:21 p.m.•12 views

CVE-2023-30534

4.3CVSS7AI score0.5495EPSS

Exploits1References5

UbuntuCve•added 2023/09/05 9:15 p.m.•21 views

CVE-2023-39360

Cacti is an open source operational monitoring and fault management framework.Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability allows an authenticated user to poison data. The vulnerability is found in graphsnew.php. Several validations are performed, but the...

6.1CVSS6.1AI score0.00629EPSS

Exploits1References2

Prion•added 2023/09/05 9:15 p.m.•25 views

Cross site scripting

5.8CVSS7.1AI score0.00629EPSS

Exploits1References4Affected Software2

Cvelist•added 2023/09/05 8:43 p.m.•22 views

CVE-2023-39360 Reflected Cross-site Scripting in graphs_new.php in Cacti

6.1CVSS7.1AI score0.00629EPSS

Exploits1References5

Debian CVE•added 2023/09/05 8:43 p.m.•20 views

CVE-2023-39360