12 matches found
EUVD-2019-7272
Malware in sbrugna...
SUSE CVE-2023-37543
Cacti before 1.2.6 allows IDOR Insecure Direct Object Reference for accessing any graph via a modified localgraphid parameter to graphxport.php. This is a different vulnerability than CVE-2019-16723...
CVE-2023-37543
Cacti before 1.2.6 allows IDOR Insecure Direct Object Reference for accessing any graph via a modified localgraphid parameter to graphxport.php. This is a different vulnerability than CVE-2019-16723...
DEBIAN-CVE-2023-37543
Cacti before 1.2.6 allows IDOR Insecure Direct Object Reference for accessing any graph via a modified localgraphid parameter to graphxport.php. This is a different vulnerability than CVE-2019-16723...
UBUNTU-CVE-2023-37543
Cacti before 1.2.6 allows IDOR Insecure Direct Object Reference for accessing any graph via a modified localgraphid parameter to graphxport.php. This is a different vulnerability than CVE-2019-16723...
PT-2023-5432 · Cacti +1 · Cacti +1
Name of the Vulnerable Software and Affected Versions: Cacti versions prior to 1.2.6 Description: The issue is related to an Insecure Direct Object Reference IDOR in the graph xport.php component, allowing unauthorized access to any graph via a modified local graph id parameter. This can enable a...
SUSE CVE-2007-6035
SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the localgraphid parameter...
SUSE CVE-2008-0784
graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allows remote attackers to obtain the full path via an invalid localgraphid parameter and other unspecified vectors...
SUSE CVE-2015-4634
SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the localgraphid parameter...
UBUNTU-CVE-2019-16723
In Cacti through 1.2.6, authenticated users may bypass authorization checks for viewing a graph via a direct graphjson.php request with a modified localgraphid parameter...
PT-2019-5225 · Cacti +2 · Cacti +2
Name of the Vulnerable Software and Affected Versions: Cacti versions prior to 1.2.7 Description: The issue is related to an authorization check error in the local graph id function of the Cacti server monitoring system. This allows a remote attacker to potentially access confidential data by...
DEBIAN-CVE-2015-0916
SQL injection vulnerability in graph.php in Cacti before 0.8.6f allows remote authenticated users to execute arbitrary SQL commands via the localgraphid parameter, a different vulnerability than CVE-2007-6035...