CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

CVE-2026-40079

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Command Injection due to lack of sanitization in the escapecommand function. The escapecommand function at lib/rrd.php is a no-op: it returns $command unchanged. The command line built ...

9.8CVSS0.01113EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2013-1473

Malware in sbrugna...

7.5CVSS8.5AI score0.02391EPSS

Exploits0References12

UbuntuCve•added 2017/11/07 8:29 p.m.•24 views

CVE-2017-16641

lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the pathrrdtool parameter in an action=save request to settings.php...

9CVSS7.2AI score0.03197EPSS

Exploits1References3

NVD•added 2017/11/07 8:29 p.m.•15 views

CVE-2017-16641

lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the pathrrdtool parameter in an action=save request to settings.php...

9CVSS7.1AI score0.03197EPSS

Exploits1References1

Cvelist•added 2017/11/07 8:0 p.m.•23 views

CVE-2017-16641

lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the pathrrdtool parameter in an action=save request to settings.php...

7AI score0.03197EPSS

Exploits1References1

NVD•added 2014/08/22 2:55 p.m.•18 views

CVE-2014-5261

The graph settings script graphsettings.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php...

7.5CVSS9AI score0.10773EPSS

Exploits1References8

Prion•added 2014/08/22 2:55 p.m.•21 views

Code injection

7.5CVSS8AI score0.10773EPSS

Exploits1References8Affected Software1

NVD•added 2014/04/23 3:55 p.m.•18 views

CVE-2014-2709

lib/rrd.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified parameters...

7.5CVSS7.4AI score0.04916EPSS

Exploits0References10

OSV•added 2014/04/23 3:55 p.m.•1 views

UBUNTU-CVE-2014-2709

lib/rrd.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified parameters...

7.5CVSS7.6AI score0.04916EPSS

Exploits0References5

UbuntuCve•added 2013/08/23 4:55 p.m.•35 views

CVE-2013-1435

1 snmp.php and 2 rrd.php in Cacti before 0.8.8b allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors...

7.5CVSS7.5AI score0.02391EPSS

Exploits0References3

CVE•added 2010/08/23 8:0 p.m.•89 views

CVE-2010-2545

Cacti before 0.8.7g contains multiple XSS vulnerabilities (including CVE-2010-2545) in various templates and admin paths. The GLSA notes remote script injection and the need to upgrade to the 0.8.8+ series as remediation; affected vectors include template name and numerous PHP/graph-related compo...

4.3CVSS5.2AI score0.01801EPSS

Exploits1References14Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by