SUSE CVE-2024-43365

Cacti is an open source performance and fault management framework. Theconsolenewsection parameter is not properly sanitized when saving external links in links.php . Morever, the said consolenewsection parameter is stored in the database and reflected back to user in index.php, finally leading t...

Exploit for Improper Neutralization of Line Delimiters in Cacti

CVE-2025-24367-WebShell Exploit He creado este pequeño script...

CVE-2026-40087 LangChain has incomplete f-string validation in prompt templates

LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-string prompt-template validation was incomplete in two respects. First, some prompt template classes accepted f-string templates and formatted them without enforcing the same...

LangChain 安全漏洞

LangChain is an open-source framework developed by LangChain for creating applications powered by large language models LLMs. Versions of LangChain prior to 0.3.84 and 1.2.28 contained security vulnerabilities. These vulnerabilities stemmed from incomplete validation of f-string template fields,...

EUVD-2023-56230

Malicious code in bioql PyPI...

CVE-2025-58199

Cross-Site Request Forgery CSRF vulnerability in Fastly Fastly fastly allows Cross Site Request Forgery.This issue affects Fastly: from n/a through = 1.2.28...

CVE-2025-58199 WordPress Fastly plugin <= 1.2.28 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Fastly Fastly fastly allows Cross Site Request Forgery.This issue affects Fastly: from n/a through = 1.2.28...

CVE-2025-58199 WordPress Fastly plugin <= 1.2.28 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Fastly Fastly fastly allows Cross Site Request Forgery.This issue affects Fastly: from n/a through = 1.2.28...

PT-2025-38883

Name of the Vulnerable Software and Affected Versions Fastly versions n/a through 1.2.28 Description A Cross-Site Request Forgery issue exists in Fastly. This allows attackers to perform actions on behalf of authenticated users without their knowledge. Recommendations Update Fastly to a version...

WordPress plugin Fastly 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

Linux Distros Unpatched Vulnerability : CVE-2024-43364

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. The title parameter is not properly sanitized when saving external links in links.php...

Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution

A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution on susceptible instances. The flaw, tracked as CVE-2025-22604, carries a CVSS score of 9.1 out of a...

SUSE CVE-2024-43363

Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing php code and repeat the installation process completing only step 5 of the installation process is enough, no need to complete the steps before or after it to...

DEBIAN-CVE-2024-43362

Cacti is an open source performance and fault management framework. The fileurl parameter is not properly sanitized when saving external links in links.php . Morever, the said fileurl is placed in some html code which is passed to the print function in link.php and index.php, finally leading to...

CVE-2024-43362

Cacti is an open source performance and fault management framework. The fileurl parameter is not properly sanitized when saving external links in links.php . Morever, the said fileurl is placed in some html code which is passed to the print function in link.php and index.php, finally leading to...

UBUNTU-CVE-2024-43365

Cacti is an open source performance and fault management framework. Theconsolenewsection parameter is not properly sanitized when saving external links in links.php . Morever, the said consolenewsection parameter is stored in the database and reflected back to user in index.php, finally leading t...

UBUNTU-CVE-2024-43363

Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing php code and repeat the installation process completing only step 5 of the installation process is enough, no need to complete the steps before or after it to...

UBUNTU-CVE-2024-43362

Cacti is an open source performance and fault management framework. The fileurl parameter is not properly sanitized when saving external links in links.php . Morever, the said fileurl is placed in some html code which is passed to the print function in link.php and index.php, finally leading to...

CVE-2024-43363 Remote code execution via Log Poisoning in Cacti

Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing php code and repeat the installation process completing only step 5 of the installation process is enough, no need to complete the steps before or after it to...

CVE-2024-43365

CVE-2024-43365 affects Cacti. The issue is a stored XSS in the consolenewsection parameter when creating external links (links.php), which is saved in the database and reflected in index.php. Exploitation requires user privileges to create external links; input is stored and displayed without pro...