19 matches found
EUVD-2018-13269
Malware in sbrugna...
The vulnerability of the pollers.php script, a network monitoring software, allows a hacker to execute arbitrary code.
The vulnerability of the pollers.php script, a network monitoring software, is related to the lack of protection for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
SQL Injection
Cacti is vulnerable to SQL Injection. The vulnerability is due to a lack of input sanitization in pollers.php script. This allows an attacker to potentially execute malicious SQL code, resulting in a SQL injection...
CVE-2023-49085
Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...
CVE-2023-49085
Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...
DEBIAN-CVE-2023-49085
Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...
Design/Logic Flaw
Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...
UBUNTU-CVE-2023-49085
Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...
CVE-2023-49085 Cacti SQL Injection vulnerability
Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...
CVE-2023-49085 Cacti SQL Injection vulnerability
Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...
CVE-2023-49085
Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...
CVE-2023-49085
Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the pollers.php script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the pollers.php. Impact of...
Cacti SQL Injection Vulnerability
Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool obtains data through snmpget, analyzes it using RRDtool drawing graphs, and provides data and user management features. Cacti 1.2.25 and earlier versions have a SQL injection vulnerability th...
SUSE CVE-2018-20724
A cross-site scripting XSS vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors...
Cacti cross-site scripting vulnerability (CNVD-2019-14552)
Cacti is an open source, web-based network monitoring and mapping tool, a front-end application designed for the data logging tool RRDtool. A cross-site scripting vulnerability exists in the 'Website Hostnam' field of the pollers.php file in versions of Cacti prior to 1.2.0, which stems from the...
CVE-2018-20724
A cross-site scripting XSS vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors...
Cross site scripting
A cross-site scripting XSS vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors...
CVE-2018-20724
A cross-site scripting XSS vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors...
CVE-2018-20724
CVE-2018-20724 is a cross-site scripting (XSS) vulnerability in Cacti before 1.2.0, caused by a lack of escaping unintended characters in the Website Hostname used by Data Collectors (pollers.php). Public documentation confirms fixes in later releases: cacti-spine updated to 1.2.9 (openSUSE/SUSE ...