15 matches found
RHSA-2010:0635 Red Hat Security Advisory: Red Hat High Performance Computing (HPC) Solution 5.5
Bulletin has no description...
CVE-2010-2544
Cross-site scripting XSS vulnerability in utilities.php in Cacti before 0.8.7g, as used in Red Hat High Performance Computing HPC Solution and other products, allows remote attackers to inject arbitrary web script or HTML via the filter parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Cacti before 0.8.7f, as used in Red Hat High Performance Computing HPC Solution and other products, allow remote attackers to inject arbitrary web script or HTML via the 1 hostname or 2 description parameter to host.php, or 3 the hostid paramet...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Cacti before 0.8.7g, as used in Red Hat High Performance Computing HPC Solution and other products, allow remote attackers to inject arbitrary web script or HTML via 1 the name element in an XML template to templatesimport.php; and allow remote...
CVE-2010-1644
Multiple cross-site scripting XSS vulnerabilities in Cacti before 0.8.7f, as used in Red Hat High Performance Computing HPC Solution and other products, allow remote attackers to inject arbitrary web script or HTML via the 1 hostname or 2 description parameter to host.php, or 3 the hostid paramet...
Design/Logic Flaw
Cacti before 0.8.7f, as used in Red Hat High Performance Computing HPC Solution and other products, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in 1 the FQDN field of a Device or 2 the Vertical Label field of a Graph Template...
CVE-2010-2545
Multiple cross-site scripting XSS vulnerabilities in Cacti before 0.8.7g, as used in Red Hat High Performance Computing HPC Solution and other products, allow remote attackers to inject arbitrary web script or HTML via 1 the name element in an XML template to templatesimport.php; and allow remote...
CVE-2010-2545
Multiple cross-site scripting XSS vulnerabilities in Cacti before 0.8.7g, as used in Red Hat High Performance Computing HPC Solution and other products, allow remote attackers to inject arbitrary web script or HTML via 1 the name element in an XML template to templatesimport.php; and allow remote...
CVE-2010-1645
Cacti before 0.8.7f, as used in Red Hat High Performance Computing HPC Solution and other products, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in 1 the FQDN field of a Device or 2 the Vertical Label field of a Graph Template...
CVE-2010-1644
CVE-2010-1644 corresponds to multiple XSS vulnerabilities in Cacti prior to 0.8.7f (affecting host.php parameters: hostname, description; and data_sources.php host_id). The exposed product is Cacti, used in HPC solutions and other deployments. Impact is remote script/HTML injection leading to ses...
CVE-2010-2545
Multiple cross-site scripting XSS vulnerabilities in Cacti before 0.8.7g, as used in Red Hat High Performance Computing HPC Solution and other products, allow remote attackers to inject arbitrary web script or HTML via 1 the name element in an XML template to templatesimport.php; and allow remote...
CVE-2010-2544
CVE-2010-2544 affects Cacti prior to 0.8.7g, where utilities.php fails to sanitize a filter parameter, enabling a remote attacker to inject arbitrary web script via XSS. The issue is publicly discussed across multiple advisories (Gentoo GLSA 201401-20, OpenVAS/CACTI plugins) and is associated wit...
CVE-2010-2545
Cacti before 0.8.7g contains multiple XSS vulnerabilities (including CVE-2010-2545) in various templates and admin paths. The GLSA notes remote script injection and the need to upgrade to the 0.8.8+ series as remediation; affected vectors include template name and numerous PHP/graph-related compo...
CVE-2010-1644
Multiple cross-site scripting XSS vulnerabilities in Cacti before 0.8.7f, as used in Red Hat High Performance Computing HPC Solution and other products, allow remote attackers to inject arbitrary web script or HTML via the 1 hostname or 2 description parameter to host.php, or 3 the hostid paramet...
CVE-2010-2544
Cross-site scripting XSS vulnerability in utilities.php in Cacti before 0.8.7g, as used in Red Hat High Performance Computing HPC Solution and other products, allows remote attackers to inject arbitrary web script or HTML via the filter parameter...