8 matches found
EUVD-2018-2142
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-10060
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Cacti before 1.1.37 has XSS because it does not properly reject unintended characters, related to use of the sanitize_uri function in lib/functions.php...
Cacti cross-site scripting vulnerability (CNVD-2018-08679)
Cacti is an open source, web-based network monitoring and mapping tool, a front-end application designed for the data logging tool RRDtool. A cross-site scripting vulnerability exists in the sanitize_uri function in versions of Cacti prior to 1.1.37, which can lead to cross-site scripting attacks...
CVE-2018-10060
Cacti before 1.1.37 has XSS because it does not properly reject unintended characters, related to use of the sanitize_uri function in lib/functions.php...
CVE-2018-10060
Cacti before 1.1.37 has XSS because it does not properly reject unintended characters, related to use of the sanitize_uri function in lib/functions.php...
Design/Logic Flaw
Cacti before 1.1.37 has XSS because it does not properly reject unintended characters, related to use of the sanitize_uri function in lib/functions.php...
CVE-2018-10060
Cacti before 1.1.37 has XSS because it does not properly reject unintended characters, related to use of the sanitize_uri function in lib/functions.php...
CVE-2018-10060
CVE-2018-10060 affects Cacti prior to 1.1.37, where the sanitize_uri function in lib/functions.php fails to reject unintended characters, enabling cross-site scripting (XSS). The issue is described across multiple sources (Cacti CVE entry, CNVD CNVD-2018-08679, Debian DLA-2965-1, and OpenVAS entr...