5 matches found
Amazon Linux AMI : cacti (ALAS-2024-1915)
The version of cacti installed on the remote host is prior to 1.1.19-6.24. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1915 advisory. Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection SQLi vulnerabili...
The vulnerability of the SNMP Notification Receiver function in the managers.php script of the Cacti network monitoring software allows a hacker to execute arbitrary SQL code.
The vulnerability of the SNMP Notification Receiver function in the managers.php script of the Cacti network monitoring software is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code by sending...
SQL Injection (SQLi)
cacti:sid is a vulnerable of SQL Injection SQLi. The vulnerability due to receiving feature of SNMP Notification in the file ‘managers.php’. It leads to SQL Injection by allows the authenticated attacker with the “Settings/Utilities” permission can send a crafted HTTP GET request to the endpoint...
UBUNTU-CVE-2023-51448
Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection SQLi vulnerability within the SNMP Notification Receivers feature in the file ‘managers.php’. An authenticated attacker with the “Settings/Utilities” permission can send a crafted HTT...
CVE-2023-51448
Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection SQLi vulnerability within the SNMP Notification Receivers feature in the file ‘managers.php’. An authenticated attacker with the “Settings/Utilities” permission can send a crafted HTT...