Lucene search
+L

7 matches found

redhatcve
redhatcve
added 2026/06/26 7:9 a.m.7 views

CVE-2026-40083

A flaw was found in Cacti. This vulnerability, a SQL Injection, allows a remote attacker with SNMP Simple Network Management Protocol agent management permissions to execute arbitrary SQL commands. The flaw occurs due to unsanitized deserialization of user-controlled input in the managers.php fil...

7.2CVSS6.1AI score0.00279EPSS
Exploits1References2
osv
osv
added 2026/06/25 11:17 p.m.3 views

DEBIAN-CVE-2026-40083

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have SQL Injection through unsanitized unserialize+implode in managers.php. At line 756 of managers.php, the application assigns $selecteditems by calling...

7.2CVSS5.9AI score0.00279EPSS
Exploits1References1
cve
cve
added 2026/06/25 10:39 p.m.23 views

CVE-2026-40083

Cacti 1.2.30 and earlier are impacted by an SQL Injection in managers.php. The vulnerability arises from unsanitized data flow: user-supplied selected_graphs_array is deserialized via cacti_unserialize (unserialize with allowed_classes = false), then deserialized values are directly concatenated ...

7.2CVSS6AI score0.00279EPSS
Exploits1References2Affected Software1
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.10 views

PT-2026-52626

Name of the Vulnerable Software and Affected Versions Cacti versions prior to 1.2.31 Description An issue exists in the performance and fault management framework where improper handling of deserialized data leads to SQL Injection. In the 'managers.php' file, the application processes the selecte...

7.2CVSS5.9AI score0.00279EPSS
Exploits1References10
nessus
nessus
added 2025/08/30 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-51448

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection SQLi vulnerability within the SNMP Notificatio...

8.8CVSS7.3AI score0.09022EPSS
Exploits1References2
osv
osv
added 2023/10/27 10:15 p.m.0 views

DEBIAN-CVE-2023-46490

SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the formactions function in the managers.php function...

6.5CVSS6.8AI score0.01412EPSS
Exploits1References1
osv
osv
added 2023/10/27 10:15 p.m.5 views

UBUNTU-CVE-2023-46490

SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the formactions function in the managers.php function...

6.5CVSS6AI score0.01412EPSS
Exploits1References5
Rows per page
Query Builder