Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2019-7272

Malware in sbrugna...

4.3CVSS5.4AI score0.01468EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2023/08/12 2:10 a.m.3 views

SUSE CVE-2023-37543

Cacti before 1.2.6 allows IDOR Insecure Direct Object Reference for accessing any graph via a modified localgraphid parameter to graphxport.php. This is a different vulnerability than CVE-2019-16723...

7.5CVSS9.2AI score0.00735EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/08/10 3:15 p.m.4 views

CVE-2023-37543

Cacti before 1.2.6 allows IDOR Insecure Direct Object Reference for accessing any graph via a modified localgraphid parameter to graphxport.php. This is a different vulnerability than CVE-2019-16723...

7.5CVSS6.4AI score0.01468EPSS
Exploits0References4
OSV
OSV
added 2023/08/10 3:15 p.m.3 views

DEBIAN-CVE-2023-37543

Cacti before 1.2.6 allows IDOR Insecure Direct Object Reference for accessing any graph via a modified localgraphid parameter to graphxport.php. This is a different vulnerability than CVE-2019-16723...

7.5CVSS8.2AI score0.00735EPSS
Exploits0References1
OSV
OSV
added 2023/08/10 3:15 p.m.2 views

UBUNTU-CVE-2023-37543

Cacti before 1.2.6 allows IDOR Insecure Direct Object Reference for accessing any graph via a modified localgraphid parameter to graphxport.php. This is a different vulnerability than CVE-2019-16723...

7.5CVSS7.2AI score0.00735EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/08/10 12:0 a.m.4 views

PT-2023-5432 · Cacti +1 · Cacti +1

Name of the Vulnerable Software and Affected Versions: Cacti versions prior to 1.2.6 Description: The issue is related to an Insecure Direct Object Reference IDOR in the graph xport.php component, allowing unauthorized access to any graph via a modified local graph id parameter. This can enable a...

9.8CVSS6.2AI score0.99826EPSS
Exploits131References156
SUSE CVE
SUSE CVE
added 2023/02/15 6:10 a.m.7 views

SUSE CVE-2007-6035

SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the localgraphid parameter...

7.5CVSS8.8AI score0.01796EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:9 a.m.4 views

SUSE CVE-2008-0784

graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allows remote attackers to obtain the full path via an invalid localgraphid parameter and other unspecified vectors...

5CVSS7AI score0.02216EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:17 a.m.3 views

SUSE CVE-2015-4634

SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the localgraphid parameter...

7.5CVSS9.4AI score0.02178EPSS
Exploits1References3
OSV
OSV
added 2019/09/23 3:15 p.m.1 views

UBUNTU-CVE-2019-16723

In Cacti through 1.2.6, authenticated users may bypass authorization checks for viewing a graph via a direct graphjson.php request with a modified localgraphid parameter...

4.3CVSS6.5AI score0.01468EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2019/09/23 12:0 a.m.3 views

PT-2019-5225 · Cacti +2 · Cacti +2

Name of the Vulnerable Software and Affected Versions: Cacti versions prior to 1.2.7 Description: The issue is related to an authorization check error in the local graph id function of the Cacti server monitoring system. This allows a remote attacker to potentially access confidential data by...

9.8CVSS6.1AI score0.99826EPSS
Exploits163References248
OSV
OSV
added 2015/05/22 12:59 a.m.3 views

DEBIAN-CVE-2015-0916

SQL injection vulnerability in graph.php in Cacti before 0.8.6f allows remote authenticated users to execute arbitrary SQL commands via the localgraphid parameter, a different vulnerability than CVE-2007-6035...

6.5CVSS8.7AI score0.01084EPSS
Exploits0References1
Rows per page
Query Builder