21 matches found
EUVD-2015-0924
Malware in sbrugna...
EUVD-2008-0791
Malware in sbrugna...
EUVD-2023-41430
Malicious code in bioql PyPI...
Cacti security breach
Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool obtains data via snmpget, analyzes it using RRDtool drawing graphs, and provides data and user management features. A security vulnerability exists in Cacti versions prior to 1.2.6, which ste...
SUSE CVE-2019-16723
In Cacti through 1.2.6, authenticated users may bypass authorization checks for viewing a graph via a direct graphjson.php request with a modified localgraphid parameter...
The vulnerability of the local_graph_id function in the Cacti server monitoring system allows unauthorized access by bypassing authentication using a user-controlled key. This enables attackers to gain access to confidential data.
The vulnerability of the localgraphid function in the Cacti server monitoring system is related to an authentication check error for viewing graphs. Exploiting this vulnerability could allow a malicious actor to gain access to confidential data...
CVE-2019-16723
In Cacti through 1.2.6, authenticated users may bypass authorization checks for viewing a graph via a direct graphjson.php request with a modified localgraphid parameter...
CVE-2015-4634
SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the localgraphid parameter...
DEBIAN-CVE-2015-4634
SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the localgraphid parameter...
UBUNTU-CVE-2015-4634
SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the localgraphid parameter...
Sql injection
SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the localgraphid parameter...
CVE-2015-4634
SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the localgraphid parameter...
CVE-2015-0916
SQL injection vulnerability in graph.php in Cacti before 0.8.6f allows remote authenticated users to execute arbitrary SQL commands via the localgraphid parameter, a different vulnerability than CVE-2007-6035...
Sql injection
SQL injection vulnerability in graph.php in Cacti before 0.8.6f allows remote authenticated users to execute arbitrary SQL commands via the localgraphid parameter, a different vulnerability than CVE-2007-6035...
CVE-2015-0916
SQL injection vulnerability in graph.php in Cacti before 0.8.6f allows remote authenticated users to execute arbitrary SQL commands via the localgraphid parameter, a different vulnerability than CVE-2007-6035...
CVE-2008-0784
graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allows remote attackers to obtain the full path via an invalid localgraphid parameter and other unspecified vectors...
CVE-2008-0785
Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the 1 graphlist parameter to graphview.php, 2 leafid and id parameters to tree.php, 3 localgraphid parameter to graphxport.php, and 4...
CVE-2008-0784
graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allows remote attackers to obtain the full path via an invalid localgraphid parameter and other unspecified vectors...
DEBIAN-CVE-2008-0784
graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allows remote attackers to obtain the full path via an invalid localgraphid parameter and other unspecified vectors...
DEBIAN-CVE-2007-6035
SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the localgraphid parameter...