5 matches found
EUVD-2015-8253
Malware in sbrugna...
Cacti SQL注入漏洞(CNVD-2015-08486)
0x01 漏洞简述 Cacti是Cacti集团的一套开源的网络流量监测和分析工具。该工具通过snmpget来获取数据,使用RRDtool绘画图形进行分析,并提供数据和用户管理功能。 Cacti 0.8.8f以前版本存在SQL注入漏洞。允许远程攻击者通过graphphp属性行动中的rraid参数执行任意SQL命令。 0x02 漏洞细节 漏洞存在于文件 /cacti-0.8.8f/graph.php line 25 includeonce"./include/topgraphheader.php"; / set default action / if !isset"action"...
CVE-2015-8369
SQL injection vulnerability in include/topgraphheader.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rraid parameter in a properties action to graph.php...
CVE-2015-8369
SQL injection vulnerability in include/topgraphheader.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rraid parameter in a properties action to graph.php...
cacti -- SQL injection vulnerabilities
NVD reports: SQL injection vulnerability in include/topgraphheader.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rraid parameter in a properties action to graph.php...