Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

18 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2018-13269

Malware in sbrugna...

4.8CVSS5.5AI score0.00583EPSS
Exploits1References9
Veracode
Veracodeadded 2023/12/28 8:43 a.m.34 views

SQL Injection

Cacti is vulnerable to SQL Injection. The vulnerability is due to a lack of input sanitization in pollers.php script. This allows an attacker to potentially execute malicious SQL code, resulting in a SQL injection...

8.8CVSS7.3AI score0.91404EPSS
Exploits4References6Affected Software1
OSV
OSVadded 2023/12/22 5:15 p.m.1 views

DEBIAN-CVE-2023-49085

Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...

8.8CVSS9.2AI score0.91404EPSS
Exploits4References1
NVD
NVDadded 2023/12/22 5:15 p.m.16 views

CVE-2023-49085

Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...

8.8CVSS0.91404EPSS
Exploits4References5
ATTACKERKB
ATTACKERKBadded 2023/12/22 5:15 p.m.1 views

CVE-2023-49085

Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...

8.8CVSS7.6AI score0.91404EPSS
Exploits4References7Affected Software1
Prion
Prionadded 2023/12/22 5:15 p.m.26 views

Design/Logic Flaw

Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...

6.5CVSS8.3AI score0.91404EPSS
Exploits4References3Affected Software1
OSV
OSVadded 2023/12/22 5:15 p.m.0 views

UBUNTU-CVE-2023-49085

Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...

8.8CVSS7.6AI score0.91404EPSS
Exploits4References3
Debian CVE
Debian CVEadded 2023/12/22 4:13 p.m.30 views

CVE-2023-49085

Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...

8.8CVSS9.1AI score0.91404EPSS
Exploits4
AlpineLinux
AlpineLinuxadded 2023/12/22 4:13 p.m.29 views

CVE-2023-49085

Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...

8.8CVSS9.1AI score0.91404EPSS
Exploits4References4
OSV
OSVadded 2023/12/22 4:13 p.m.24 views

CVE-2023-49085 Cacti SQL Injection vulnerability

Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...

8.8CVSS9.7AI score0.91404EPSS
Exploits4References7
Cvelist
Cvelistadded 2023/12/22 4:13 p.m.19 views

CVE-2023-49085 Cacti SQL Injection vulnerability

Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...

8.8CVSS9.2AI score0.91404EPSS
Exploits4References5
CNNVD
CNNVDadded 2023/12/22 12:0 a.m.3 views

Cacti SQL Injection Vulnerability

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool obtains data through snmpget, analyzes it using RRDtool drawing graphs, and provides data and user management features. Cacti 1.2.25 and earlier versions have a SQL injection vulnerability th...

8.8CVSS8.3AI score0.91404EPSS
Exploits4References5
SUSE CVE
SUSE CVEadded 2023/02/15 4:20 a.m.1 views

SUSE CVE-2018-20724

A cross-site scripting XSS vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors...

4.8CVSS5.2AI score0.00583EPSS
Exploits1References7
CNVD
CNVDadded 2019/01/17 12:0 a.m.2 views

Cacti cross-site scripting vulnerability (CNVD-2019-14552)

Cacti is an open source, web-based network monitoring and mapping tool, a front-end application designed for the data logging tool RRDtool. A cross-site scripting vulnerability exists in the 'Website Hostnam' field of the pollers.php file in versions of Cacti prior to 1.2.0, which stems from the...

4.8CVSS7.1AI score0.00583EPSS
Exploits1References1
UbuntuCve
UbuntuCveadded 2019/01/16 4:29 p.m.26 views

CVE-2018-20724

A cross-site scripting XSS vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors...

4.8CVSS6.3AI score0.00583EPSS
Exploits1References4
NVD
NVDadded 2019/01/16 4:29 p.m.17 views

CVE-2018-20724

A cross-site scripting XSS vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors...

4.8CVSS5.5AI score0.00583EPSS
Exploits1References7
Prion
Prionadded 2019/01/16 4:29 p.m.22 views

Cross site scripting

A cross-site scripting XSS vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors...

3.5CVSS4.8AI score0.00583EPSS
Exploits1References7Affected Software1
CVE
CVEadded 2019/01/16 4:0 p.m.155 views

CVE-2018-20724

CVE-2018-20724 is a cross-site scripting (XSS) vulnerability in Cacti before 1.2.0, caused by a lack of escaping unintended characters in the Website Hostname used by Data Collectors (pollers.php). Public documentation confirms fixes in later releases: cacti-spine updated to 1.2.9 (openSUSE/SUSE ...

4.8CVSS5.8AI score0.00583EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder