Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/06/25 10:39 p.m.41 views

CVE-2026-40083 Cacti: SQL Injection in managers.php

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have SQL Injection through unsanitized unserialize+implode in managers.php. At line 756 of managers.php, the application assigns $selecteditems by calling...

7.2CVSS0.00279EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/05/27 4:12 a.m.8 views

SUSE CVE-2023-51448

Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection SQLi vulnerability within the SNMP Notification Receivers feature in the file 'managers.php'. An authenticated attacker with the “Settings/Utilities” permission can send a crafted HTT...

8.8CVSS7.4AI score0.09022EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2024/01/02 12:0 a.m.7 views

The vulnerability of the SNMP Notification Receiver function in the managers.php script of the Cacti network monitoring software allows a hacker to execute arbitrary SQL code.

The vulnerability of the SNMP Notification Receiver function in the managers.php script of the Cacti network monitoring software is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code by sending...

9CVSS8.1AI score0.09022EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2023/12/22 5:15 p.m.8 views

UBUNTU-CVE-2023-51448

Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection SQLi vulnerability within the SNMP Notification Receivers feature in the file ‘managers.php’. An authenticated attacker with the “Settings/Utilities” permission can send a crafted HTT...

8.8CVSS5.9AI score0.09022EPSS
Exploits1References3
Rows per page
Query Builder