Lucene search
K

23 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.35 views

Linux Distros Unpatched Vulnerability : CVE-2026-40083

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have SQL Injection through unsanitized unserialize+implode in...

7.2CVSS7AI score0.00279EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/06/25 10:39 p.m.6 views

CVE-2026-40083

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have SQL Injection through unsanitized unserialize+implode in managers.php. At line 756 of managers.php, the application assigns $selecteditems by calling...

7.2CVSS6AI score0.00279EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/06/25 10:39 p.m.3 views

CVE-2026-40083 Cacti: SQL Injection in managers.php

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have SQL Injection through unsanitized unserialize+implode in managers.php. At line 756 of managers.php, the application assigns $selecteditems by calling...

7.2CVSS7.1AI score0.00279EPSS
Exploits1References4
Rosalinux
Rosalinux
added 2024/11/26 11:45 a.m.14 views

Advisory ROSA-SA-2024-2535

software: cacti 1.2.25 AXIS: ROSA-CHROME packageevrstring: cacti-1.2.25-2 CVE-ID: CVE-2023-46490 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A SQL injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the formactions function in managers.php. CVE-STATU...

6.5CVSS7.5AI score0.01412EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/02/06 12:0 a.m.41 views

Amazon Linux AMI : cacti (ALAS-2024-1915)

The version of cacti installed on the remote host is prior to 1.1.19-6.24. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1915 advisory. Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection SQLi vulnerabili...

8.8CVSS7.9AI score0.09022EPSS
Exploits1References4
Veracode
Veracode
added 2023/12/28 7:20 a.m.20 views

SQL Injection

Cacti is vulnerable to SQL Injection vulnerability. The vulnerability is due to improper sanitization and validation via the formactions function in the managers.php function. This issue can be exploited by an attacker to obtain sensitive information via SQL Injection...

6.5CVSS7.7AI score0.01412EPSS
Exploits1References3Affected Software1
Veracode
Veracode
added 2023/12/27 7:38 p.m.47 views

SQL Injection (SQLi)

cacti:sid is a vulnerable of SQL Injection SQLi. The vulnerability due to receiving feature of SNMP Notification in the file ‘managers.php’. It leads to SQL Injection by allows the authenticated attacker with the “Settings/Utilities” permission can send a crafted HTTP GET request to the endpoint...

8.8CVSS7.7AI score0.09022EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2023/12/22 5:15 p.m.18 views

CVE-2023-51448

Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection SQLi vulnerability within the SNMP Notification Receivers feature in the file ‘managers.php’. An authenticated attacker with the “Settings/Utilities” permission can send a crafted HTT...

8.8CVSS0.09022EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2023/12/22 5:15 p.m.39 views

CVE-2023-51448

Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection SQLi vulnerability within the SNMP Notification Receivers feature in the file ‘managers.php’. An authenticated attacker with the “Settings/Utilities” permission can send a crafted HTT...

8.8CVSS7.2AI score0.09022EPSS
Exploits1References2
Prion
Prion
added 2023/12/22 5:15 p.m.30 views

Sql injection

Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection SQLi vulnerability within the SNMP Notification Receivers feature in the file ‘managers.php’. An authenticated attacker with the “Settings/Utilities” permission can send a crafted HTT...

6.5CVSS8AI score0.09022EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2023/12/22 4:44 p.m.31 views

CVE-2023-51448

Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection SQLi vulnerability within the SNMP Notification Receivers feature in the file ‘managers.php’. An authenticated attacker with the “Settings/Utilities” permission can send a crafted HTT...

8.8CVSS8.8AI score0.09022EPSS
Exploits1
Cvelist
Cvelist
added 2023/12/22 4:44 p.m.39 views

CVE-2023-51448 SQL Injection vulnerability when managing SNMP Notification Receivers

Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection SQLi vulnerability within the SNMP Notification Receivers feature in the file ‘managers.php’. An authenticated attacker with the “Settings/Utilities” permission can send a crafted HTT...

8.8CVSS9AI score0.09022EPSS
Exploits1References3
CVE
CVE
added 2023/12/22 4:44 p.m.72 views

CVE-2023-51448

CVE-2023-51448 affects Cacti 1.2.25, where a Blind SQL Injection flaw exists in SNMP Notification Receivers within managers.php. An authenticated user with Settings/Utilities can craft a GET request to /cacti/managers.php carrying an SQLi payload in selected_graphs_array, enabling potentially una...

8.8CVSS8.7AI score0.09022EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2023/12/22 4:44 p.m.28 views

CVE-2023-51448 SQL Injection vulnerability when managing SNMP Notification Receivers

Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection SQLi vulnerability within the SNMP Notification Receivers feature in the file ‘managers.php’. An authenticated attacker with the “Settings/Utilities” permission can send a crafted HTT...

8.8CVSS8.7AI score0.09022EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/12/22 12:0 a.m.5 views

Cacti SQL Injection Vulnerability

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool obtains data through snmpget, analyzes it using RRDtool drawing graphs, and provides data and user management features. Cacti version 1.2.25 has a SQL injection vulnerability, the vulnerabili...

8.8CVSS8AI score0.09022EPSS
Exploits1References4
NVD
NVD
added 2023/10/27 10:15 p.m.23 views

CVE-2023-46490

SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the formactions function in the managers.php function...

6.5CVSS6.6AI score0.01412EPSS
Exploits1References2
Prion
Prion
added 2023/10/27 10:15 p.m.21 views

Sql injection

SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the formactions function in the managers.php function...

4CVSS6.6AI score0.01412EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/27 12:0 a.m.13 views

CVE-2023-46490

SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the formactions function in the managers.php function...

7.8AI score0.01412EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2023/10/27 12:0 a.m.30 views

CVE-2023-46490

SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the formactions function in the managers.php function...

6.5CVSS6.6AI score0.01412EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2023/10/27 12:0 a.m.5 views

PT-2023-30050 · Cacti +2 · Cacti +2

Name of the Vulnerable Software and Affected Versions: Cacti version 1.2.25 Description: The issue allows a remote attacker to obtain sensitive information via the form actions function in the managers.php file. Recommendations: For Cacti version 1.2.25, consider disabling the form actions functi...

8.8CVSS7.2AI score0.84628EPSS
Exploits9References37
Rows per page
Query Builder