CVE-2025-54893

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring Hosts templates configuration modules allows Stored XSS by users with elevated privileges. This issue affects Infra Monitoring: from 24.10.0 before 24.10.13, from...

EUVD-2025-34227

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring Hosts templates configuration modules allows Stored XSS by users with elevated privileges. This issue affects Infra Monitoring: from 24.10.0 before 24.10.13, from...

CVE-2025-54893

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring Hosts templates configuration modules allows Stored XSS by users with elevated privileges. This issue affects Infra Monitoring: from 24.10.0 before 24.10.13, from...

CVE-2025-54893 A user with elevated privileges can inject XSS in the Hosts templates configuration page

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring Hosts templates configuration modules allows Stored XSS by users with elevated privileges. This issue affects Infra Monitoring: from 24.10.0 before 24.10.13, from...

PT-2025-41959

Name of the Vulnerable Software and Affected Versions Centreon Infra Monitoring versions 23.10.0 through 23.10.28 Centreon Infra Monitoring versions 24.04.0 through 24.04.18 Centreon Infra Monitoring versions 24.10.0 through 24.10.13 Description A flaw exists in Centreon Infra Monitoring related ...

EUVD-2024-52314

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-54146

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the template function of hosttemplates.php using...

Linux Distros Unpatched Vulnerability : CVE-2025-26520

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti through 1.2.29 allows SQL injection in the template function in hosttemplates.php via the graphtemplate parameter. NOTE: this issue exists because of an...

The vulnerability of the template function in the Cacti network monitoring software’s host_templates.php file allows a hacker to access confidential data.

The vulnerability of the template function in the Cacti network monitoring software’s hosttemplates.php file is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability can allow an attacker to gain access to confidential data...

SUSE CVE-2025-26520

Cacti through 1.2.29 allows SQL injection in the template function in hosttemplates.php via the graphtemplate parameter. NOTE: this issue exists because of an incomplete fix for CVE-2024-54146...

DEBIAN-CVE-2025-26520

Cacti through 1.2.29 allows SQL injection in the template function in hosttemplates.php via the graphtemplate parameter. NOTE: this issue exists because of an incomplete fix for CVE-2024-54146...

CVE-2025-26520

Cacti through 1.2.29 allows SQL injection in the template function in hosttemplates.php via the graphtemplate parameter. NOTE: this issue exists because of an incomplete fix for CVE-2024-54146...

UBUNTU-CVE-2025-26520

Cacti through 1.2.29 allows SQL injection in the template function in hosttemplates.php via the graphtemplate parameter. NOTE: this issue exists because of an incomplete fix for CVE-2024-54146...

CVE-2025-26520

Cacti through 1.2.29 allows SQL injection in the template function in hosttemplates.php via the graphtemplate parameter. NOTE: this issue exists because of an incomplete fix for CVE-2024-54146...

CVE-2025-26520

Cacti through 1.2.29 allows SQL injection in the template function in hosttemplates.php via the graphtemplate parameter. NOTE: this issue exists because of an incomplete fix for CVE-2024-54146...

Cacti 安全漏洞

Cacti is a suite of open source network traffic monitoring and analysis tools from the Cacti team. The tool obtains data via snmpget, analyzes it using RRDtool drawing graphs, and provides data and user management features. A security vulnerability exists in Cacti version 1.2.29, which stems from...

CVE-2025-26520

Cacti through 1.2.29 allows SQL injection in the template function in hosttemplates.php via the graphtemplate parameter. NOTE: this issue exists because of an incomplete fix for CVE-2024-54146...

PT-2025-6448 · Cacti +1 · Cacti +1

Name of the Vulnerable Software and Affected Versions: Cacti versions 1.2.29 and earlier Description: The issue allows SQL injection in the template function in host templates.php via the graph template parameter. This problem exists due to an incomplete fix for a previous issue. Recommendations:...

The vulnerability in the host_templates.php script of the Cacti network monitoring software allows a hacker to execute arbitrary code.

The vulnerability of the hosttemplates.php script of the Cacti network monitoring software is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...

SUSE CVE-2024-54146

Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the template function of hosttemplates.php using the graphtemplate parameter. This vulnerability is fixed in 1.2.29...