EUVD-2025-4207

Malicious code in bioql PyPI...

CVE-2024-54146 Cacti has a SQL Injection vulnerability when view host template

Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the template function of hosttemplates.php using the graphtemplate parameter. This vulnerability is fixed in 1.2.29...

FreeBSD : cacti -- Multiple XSS and SQL injection vulnerabilities (0bfda05f-2e6f-11e5-a4a5-002590263bf5)

The Cacti Group, Inc. reports : Important Security Fixes - Multiple XSS and SQL injection vulnerabilities - CVE-2015-4634 - SQL injection in graphs.php Changelog - bug: Fixed various SQL Injection vectors - bug0002574: SQL Injection Vulnerabilities in graph items and graph template items -...

CVE-2014-4002

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the 1 drpaction parameter to cdef.php, 2 datainput.php, 3 dataqueries.php, 4 datasources.php, 5 datatemplates.php, 6 graphtemplates.php, 7 graphs.php, 8 host.php, or...

CVE-2010-2545

Cacti before 0.8.7g contains multiple XSS vulnerabilities (including CVE-2010-2545) in various templates and admin paths. The GLSA notes remote script injection and the need to upgrade to the 0.8.8+ series as remediation; affected vectors include template name and numerous PHP/graph-related compo...