Lucene search
+L
CactiCacti

152 matches found

CVE
CVE
added 2025/01/27 5:12 p.m.1086 views

CVE-2025-24367

CVE-2025-24367 affects Cacti, an open-source monitoring framework. The flaw allows an authenticated Cacti user to abuse graph creation and graph template functionality to write arbitrary PHP scripts in the web root, leading to remote code execution on the server. Impact is remote code execution w...

8.8CVSS7.9AI score0.54024EPSS
Web
CVE
CVE
added 2022/12/05 8:48 p.m.750 views

CVE-2022-46169

CVE-2022-46169 affects Cacti and enables unauthenticated command execution via remote_agent.php when a poller_item with POLLER_ACTION_SCRIPT_PHP is present. The root cause is an IP-based auth bypass: HTTP_ headers can be spoofed (e.g., Forwarded-For) so get_client_addr returns the server IP, allo...

9.8CVSS10AI score0.99826EPSS
In wildWeb
CVE
CVE
added 2020/02/22 12:0 a.m.398 views

CVE-2020-8813

CVE-2020-8813 affects Cacti (notably up to version 1.2.8) and enables remote code execution. An authenticated guest user with the graph real-time privilege can trigger arbitrary OS commands via shell metacharacters in a cookie, impacting servers running Cacti. The available connected advisory con...

9.3CVSS8.8AI score0.73779EPSS
Web
CVE
CVE
added 2020/01/16 3:55 a.m.285 views

CVE-2020-7106

CVE-2020-7106 affects Cacti 1.2.8, with stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php; root cause is improper escaping/display of a raw string from the database (via $header). Public advisori...

6.1CVSS6.7AI score0.02139EPSS
Web
CVE
CVE
added 2020/06/17 1:47 p.m.266 views

CVE-2020-14295

CVE-2020-14295 is a SQL injection in Cacti 1.2.12's color.php (via the filter parameter) that can lead to remote command execution due to stacked queries. Evidence shows exploits/modules exist (e.g., Metasploit references) and public advisories describe the vulnerability. Mitigation observed in u...

7.2CVSS7.4AI score0.8633EPSS
Web
CVE
CVE
added 2020/01/20 4:6 a.m.255 views

CVE-2020-7237

CVE-2020-7237 affects Cacti 1.2.8, enabling remote code execution by privileged users through shell metacharacters in the Performance Boost Debug Log field of poller_automation.php; commands run when a new poller cycle starts. The authenticated attacker must have permission to modify Performance ...

9CVSS8.6AI score0.36824EPSS
CVE
CVE
added 2024/05/13 1:28 p.m.214 views

CVE-2024-25641

CVE-2024-25641 affects Cacti prior to 1.2.27. An arbitrary file write vulnerability in the import_package() path allows authenticated users with the Import Templates permission to write/overwrite files via the Package Import XML data, due to the function blindly trusting filenames and content and...

9.1CVSS9.3AI score0.86303EPSS
Web
CVE
CVE
added 2021/01/11 3:57 p.m.205 views

CVE-2020-35701

CVE-2020-35701 affects Cacti 1.2.x through 1.2.16. A SQL injection in data_debug.php via the site_id parameter allows remote authenticated attackers to execute arbitrary SQL commands, with potential remote code execution. Remediation: upgrade to Cacti 1.2.17 (or apply vendor patches) as indicated...

8.8CVSS8.8AI score0.04599EPSS
CVE
CVE
added 2019/09/23 2:24 p.m.198 views

CVE-2019-16723

CVE-2019-16723 affects Cacti until 1.2.6. An authenticated user can bypass authorization to view a graph by calling graph_json.php with a modified local_graph_id, effectively an IDOR-style flaw. Remediation per connected sources is to upgrade to a fixed release (examples include Cacti 1.2.9+; som...

4.3CVSS5.6AI score0.01468EPSS
CVE
CVE
added 2019/12/12 1:53 p.m.197 views

CVE-2019-17358

CVE-2019-17358 affects Cacti up to version 1.2.7 via unsafe deserialization in lib/functions.php, allowing an authenticated attacker to influence object data and control actions, with potential PHP memory corruption. Public fixes are shown in openSUSE updates: CVE-2019-17358 is addressed in cacti...

8.1CVSS8AI score0.03005EPSS
CVE
CVE
added 2020/01/21 6:35 p.m.191 views

CVE-2019-17357

CVE-2019-17357 affects Cacti up to 1.2.7 via a graphs.php?template_id= SQL injection vulnerability in how template identifiers are handled. Exploitation could allow data extraction (authenticated) or CSRF-based unauthenticated access. Public listings in connected docs confirm this CVE was address...

6.5CVSS7.5AI score0.35041EPSS
CVE
CVE
added 2009/11/30 9:0 p.m.182 views

CVE-2009-4112

CVE-2009-4112 affects Cacti up to version 0.8.7e, where remote authenticated administrators could escalate privileges by tampering with the Linux Get Memory Usage Data Input Method. OpenSUSE/SUSE updates (cacti, cacti-spine) to version 1.2.11 fix this and related issues (CVE-2018-20723/24/25/26, ...

9CVSS8.7AI score0.11477EPSS
CVE
CVE
added 2023/09/05 9:9 p.m.182 views

CVE-2023-39516

CVE-2023-39516 affects Cacti. It is a Stored Cross-Site Scripting (XSS) vulnerability in the data_sources.php component that can be exploited by an authenticated user with the General Administration > Sites/Devices/Data permission to poison data stored in the Cacti database. The poisoned data ...

6.1CVSS6.6AI score0.00702EPSS
Web
CVE
CVE
added 2023/09/05 8:6 p.m.179 views

CVE-2023-39515

Cacti Stored XSS (CVE-2023-39515) affects data_debug.php and is exploitable by authenticated users with General Administration>Sites/Devices/Data, enabling JavaScript in admin-viewed data. Affected via malicious data-source path configuration; fix: upgrade to 1.2.25. Note: CVE-2023-49088 indic...

6.1CVSS6.1AI score0.00703EPSS
CVE
CVE
added 2022/03/03 12:0 a.m.174 views

CVE-2022-0730

CVE-2022-0730: In Cacti, authentication can be bypassed under certain LDAP conditions when anonymous binding is enabled. Public advisories (Debian DSA/DLA, Fedora/Amazon, ENISA EUVD) reference this as a vulnerability in cacti with authenticated LDAP bypass risk. Debian fixed multiple releases: fo...

9.8CVSS9.4AI score0.03445EPSS
CVE
CVE
added 2025/01/27 5:6 p.m.173 views

CVE-2025-22604

CVE-2025-22604 affects Cacti, where a flaw in the multi-line SNMP result parser allows authenticated users to inject malformed OIDs; processing by ss_net_snmp_disk_io() or ss_net_snmp_disk_bytes() uses part of an OID as a key in an array that feeds a system command, causing a command execution vu...

9.1CVSS7AI score0.0529EPSS
CVE
CVE
added 2023/09/05 9:3 p.m.170 views

CVE-2023-39365

Cacti vulnerability CVE-2023-39365: Issues with Regular Expression validation combined with the external links feature allow limited SQL injections and data leakage. Affected product is the Cacti framework (web-based network graphing/monitoring). Root cause described as improper validation in reg...

6.3CVSS7.1AI score0.00857EPSS
CVE
CVE
added 2019/01/16 4:0 p.m.164 views

CVE-2018-20724

CVE-2018-20724 is a cross-site scripting (XSS) vulnerability in Cacti before 1.2.0, caused by a lack of escaping unintended characters in the Website Hostname used by Data Collectors (pollers.php). Public documentation confirms fixes in later releases: cacti-spine updated to 1.2.9 (openSUSE/SUSE ...

4.8CVSS5.8AI score0.01025EPSS
CVE
CVE
added 2019/01/16 4:0 p.m.163 views

CVE-2018-20725

CVE-2018-20725 affects Cacti before 1.2.0, where graph_templates.php Graph Vertical Label could be exploited due to insufficient escaping of characters. Connected OSV entries indicate that the fix was delivered in updates to cacti/cacti-spine (e.g., openSUSE/SUSE packages) and that CVE-2018-20725...

4.8CVSS5.8AI score0.01025EPSS
CVE
CVE
added 2019/01/16 4:0 p.m.162 views

CVE-2018-20723

CVE-2018-20723 is a cross-site scripting (XSS) vulnerability in Cacti’s color_templates.php where unintended characters in the Color Name field were not escaped, making it exploitable in versions prior to 1.2.0. Connected advisories show remediation through newer Cacti releases (e.g., openSUSE/SU...

4.8CVSS5.8AI score0.01025EPSS
CVE
CVE
added 2023/09/05 8:43 p.m.158 views

CVE-2023-39360

CVE-2023-39360 is a stored XSS in Cacti’s graphs_new.php. An authenticated user can poison stored data via the returnto parameter passed to form_save_button; bypass occurs when returnto contains host.php. The issue affects Cacti prior to the fixed release and can impact data integrity and user se...

6.1CVSS6.4AI score0.00767EPSS
CVE
CVE
added 2019/01/16 4:0 p.m.156 views

CVE-2018-20726

CVE-2018-20726 affects Cacti (pre-1.2.0) with an XSS in host.php (via tree.php) due to missing escaping in the Website Hostname field for Devices. Exploitation details are not provided in the documents, but multiple advisories note this CVE alongside others and document remediation: upgrade to Ca...

5.4CVSS6.1AI score0.01045EPSS
CVE
CVE
added 2023/09/05 8:42 p.m.145 views

CVE-2023-39366

CVE-2023-39366 affects Cacti (web-based monitoring) with a stored XSS in the data_sources view caused by malicious device-name configuration via host.php; the payload can execute in admin users’ browsers when viewing data sources. Affected versions are mitigated by upgrading to Cacti 1.2.25. If u...

6.1CVSS5.7AI score0.00758EPSS
Web
CVE
CVE
added 2023/09/05 8:59 p.m.143 views

CVE-2023-39359

CVE-2023-39359 affects the Cacti monitoring framework. An authenticated SQL injection exists in the graphs.php handler (ajax_hosts / ajax_hosts_noany) where a non-zero site_id is reflected in the WHERE clause, enabling privilege escalation and remote code execution per the cited description. The ...

8.8CVSS9.6AI score0.01689EPSS
CVE
CVE
added 2015/08/11 2:0 p.m.131 views

CVE-2015-4634

CVE-2015-4634 is a SQL injection vulnerability in Cacti’s graphs.php. The issue allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter in versions prior to 0.8.8e. Public advisories (openSUSE-2015-510, ALAS-2016-673, Debian DSA-3312, CNVD/CVE records) confirm t...

7.5CVSS9AI score0.02178EPSS
CVE
CVE
added 2015/06/17 6:0 p.m.127 views

CVE-2015-4454

CVE-2015-4454 affects Cacti prior to 0.8.8d, where a SQL injection in the get_hash_graph_template function (lib/functions.php) can be triggered via graph_template_id in graph_templates.php. The issue is demonstrated across multiple advisories and distributions (e.g., Mageia MGASA-2015-0306 and Fe...

7.5CVSS9AI score0.02252EPSS
Web
CVE
CVE
added 2023/09/06 5:40 p.m.127 views

CVE-2023-39511

CVE-2023-39511 affects Cacti (1.2.x) with a Stored XSS in the reporting interface. An authenticated user can poison data stored in the Cacti database via malicious device names configured at /cacti/host.php and rendered on /cacti/reports_admin.php, enabling script execution in admins’ browsers wh...

6.1CVSS6.5AI score0.00669EPSS
CVE
CVE
added 2023/09/05 9:21 p.m.124 views

CVE-2023-30534

CVE-2023-30534 affects Cacti prior to 1.2.25. The issue involves insecure deserialization via unserialize in graphs_new.php (host_new_graphs_save) due to lack of input sanitization. A viable phpseclib gadget chain exists in vendor code but the gadgets are not accessible, making exploitation not p...

4.3CVSS6.8AI score0.02569EPSS
CVE
CVE
added 2024/05/13 3:26 p.m.117 views

CVE-2024-34340

Summary (CVE-2024-34340): Cacti up to version 1.2.27 is vulnerable in the password verification path (compat_password_verify). The code performs a loose comparison using md5 when verifying passwords, comparing the Md5-hashed user input to the stored hash with a non-strict equality, enabling poten...

9.1CVSS9.1AI score0.01119EPSS
CVE
CVE
added 2016/04/12 4:0 p.m.114 views

CVE-2016-3172

CVE-2016-3172 affects Cacti up to 0.8.8g. It is a SQL injection in tree.php (parameter: parent_id in item_edit) that allows remote authenticated users to execute arbitrary SQL commands against the back-end database. Documented impacts include viewing, adding, modifying, or deleting data; CVSS v3....

8.8CVSS8.7AI score0.02827EPSS
CVE
CVE
added 2024/05/13 3:11 p.m.114 views

CVE-2024-31459

CVE-2024-31459 affects Cacti prior to version 1.2.27 and describes a file inclusion in lib/plugin.php where data from plugin_hooks and plugin_config tables is concatenated into a file path for inclusion. When paired with SQL injection weaknesses, this can enable remote code execution. Connected a...

8CVSS8.2AI score0.02677EPSS
CVE
CVE
added 2023/09/05 9:19 p.m.113 views

CVE-2023-31132

CVE-2023-31132 affects Cacti, a PHP-based web frontend for monitoring. A privilege-escalation flaw lets a low-privilege OS user with access to a Windows host where Cacti runs create arbitrary PHP files in a web document directory and execute them under SYSTEM, enabling local privilege escalation....

7.8CVSS9AI score0.00384EPSS
CVE
CVE
added 2020/01/15 6:3 a.m.112 views

CVE-2020-7058

CVE-2020-7058 affects Cacti 1.2.8; data_input.php can lead to remote code execution via a crafted Input String to Data Collection → Data Input Methods → Unix → Ping Host. Multiple connected sources note the vendor’s statement that this is a false alarm, with no public exploit details or patch inf...

8.8CVSS8.8AI score0.02254EPSS
CVE
CVE
added 2020/11/12 12:0 a.m.109 views

CVE-2020-25706

CVE-2020-25706 is a cross-site scripting (XSS) vulnerability in Cacti 1.2.13 related to improper escaping of the error message during template import preview in the xml_path field of templates_import.php. Concrete details across connected sources indicate the flaw can lead to information disclosu...

6.1CVSS5.8AI score0.02783EPSS
CVE
CVE
added 2024/05/13 3:5 p.m.109 views

CVE-2024-31445

CVE-2024-31445 affects Cacti prior to 1.2.27. Root cause: api_automation.php concatenates get_request_var('filter') into SQL without sanitization (lines 717, 856). Impact: authenticated users can exploit SQL injection for privilege escalation and remote code execution. Remediation: upgrade to ver...

8.8CVSS8.2AI score0.26154EPSS
CVE
CVE
added 2024/05/13 3:14 p.m.109 views

CVE-2024-31460

CVE-2024-31460 is a SQL injection in Cacti prior to 1.2.27, caused by unsafely concatenating SQL in automation_tree_rules.php data used by create_all_header_nodes. The vulnerability may enable modification of the Cacti database and, as described, could lead to arbitrary file reading and even remo...

8.8CVSS8.3AI score0.01791EPSS
Web
CVE
CVE
added 2024/10/07 8:40 p.m.107 views

CVE-2024-43363

CVE-2024-43363 affects Cacti. An admin can create a device with a malicious hostname containing PHP code; completing only step 5 of installation allows the hostname to be logged (log poisoning), after which the attacker can access the log file URL to achieve remote code execution (RCE). The vulne...

7.2CVSS7.3AI score0.35611EPSS
CVE
CVE
added 2023/09/05 8:58 p.m.106 views

CVE-2023-39361

CVE-2023-39361 affects Cacti (notably 1.2.24) via a SQL injection in graph_view.php. The vulnerability arises when guest users can access graph_view.php without authentication, enabling an attacker to inject SQL through the rfilter parameter (within the grow_right_pane_tree path) and potentially ...

9.8CVSS10AI score0.87688EPSS
In wildWeb
CVE
CVE
added 2009/11/27 7:0 p.m.105 views

CVE-2009-4032

CVE-2009-4032 affects Cacti 0.8.7e and earlier, with multiple XSS flaws in graph.php, include/top_graph_header.php, lib/html_form.php, and lib/timespan_settings.php. Exploitation vectors include graph_end/graph_start (graph.php), date1 (graph_view.php), and page_refresh/default_dual_pane_width (g...

4.3CVSS5.4AI score0.05739EPSS
Web
CVE
CVE
added 2023/09/05 9:2 p.m.104 views

CVE-2023-39357

CVE-2023-39357 affects Cacti. A defect in the sql_save function allows SQL injection when the column type is numeric, due to insufficient input validation across call sites. This can enable authenticated users to perform privilege escalation and remote code execution. The issue is addressed in ve...

8.8CVSS10AI score0.01541EPSS
CVE
CVE
added 2015/12/17 7:0 p.m.103 views

CVE-2015-8369

CVE-2015-8369 affects Cacti (0.8.8f and earlier). The SQL injection occurs in include/top_graph_header.php via the rra_id parameter used in a properties action to graph.php, allowing remote commands to interact with the database. Impact: arbitrary SQL execution with the app’s privileges. Mitigati...

7.5CVSS8.9AI score0.02319EPSS
Web
CVE
CVE
added 2023/09/05 9:16 p.m.103 views

CVE-2023-39362

Cacti CVE-2023-39362 affects the web-based monitoring framework. In version 1.2.24, an authenticated privileged user can abuse the SNMP options of a Device to trigger a command injection via an input that reaches an exec call in lib/snmp.php, potentially yielding remote code execution on the serv...

7.2CVSS7.6AI score0.82186EPSS
CVE
CVE
added 2023/12/21 11:29 p.m.102 views

CVE-2023-49086

Cacti (web frontend to RRDTool) versions prior to 1.2.27 are vulnerable to a DOM XSS in graphs_new.php, bypassing the fix for CVE-2023-39360. Exploitation requires an authorized user and results in execution of arbitrary JavaScript in the victim’s browser. The issue is resolved in version 1.2.27....

5.4CVSS7.2AI score0.01481EPSS
CVE
CVE
added 2021/11/14 7:48 p.m.101 views

CVE-2020-14424

CVE-2020-14424 affects Cacti versions prior to 1.2.18, where an attacker can trigger cross-site scripting via template import for the midwinter theme. Affected software is the Cacti web frontend (PHP-based) used for network graphing. Root cause: improper sanitization during template import allowi...

6.1CVSS6AI score0.01631EPSS
CVE
CVE
added 2019/04/08 10:20 p.m.100 views

CVE-2019-11025

CVE-2019-11025 affects Cacti prior to 1.2.3; the issue is an XSS in the SNMP Options printed value in the View poller cache due to lack of escaping in utilities.php. Impact is cross-site scripting; exploitation is possible via printing unescaped SNMP community strings. Mitigation: upgrade to a fi...

5.4CVSS5.5AI score0.01331EPSS
CVE
CVE
added 2013/08/23 4:0 p.m.99 views

CVE-2013-1434

Cacti prior to version 0.8.8b contains multiple SQL injection vulnerabilities in api_poller.php and utility.php that allow remote attackers to execute arbitrary SQL commands via unspecified vectors. Public advisories (openSUSE/SUSe, Gentoo GLSA, Amazon Linux ALAS) indicate upgrading to 0.8.8b fix...

7.5CVSS9.2AI score0.01727EPSS
CVE
CVE
added 2021/08/27 12:0 a.m.99 views

CVE-2020-23226

CVE-2020-23226 is documented across multiple feeds as a set of Cross Site Scripting (XSS) vulnerabilities in Cacti 1.2.12 . The affected components include (1) reports_admin.php, (2) data_queries.php, (3) data_input.php, (4) graph_templates.php, (5) graphs.php, and (6) data_input.php (noting dupl...

6.1CVSS6AI score0.02434EPSS
CVE
CVE
added 2025/01/27 5:16 p.m.98 views

CVE-2025-24368

CVE-2025-24368 affects the Cacti web framework. The vulnerability arises because data stored in automation_tree_rules.php is not thoroughly validated and is concatenated into an SQL statement in build_rule_item_filter() within lib/api_automation.php, enabling SQL injection. The issue is fixed in ...

7.5CVSS7.5AI score0.00492EPSS
CVE
CVE
added 2024/10/07 8:38 p.m.97 views

CVE-2024-43364

CVE-2024-43364 affects the Cacti web framework. The vulnerability is a stored XSS due to improper sanitization of the title parameter when saving external links (links.php), with the title stored in the database and reflected in index.php. The issue is addressed in Cacti release 1.2.28 (upgrading...

8.2CVSS5.8AI score0.34191EPSS
CVE
CVE
added 2016/04/11 9:0 p.m.96 views

CVE-2015-8604

CVE-2015-8604 is a SQL injection vulnerability in Cacti's graphs_new.php (host_new_graphs function) prior to 0.8.8f, exploitable by remote authenticated users via the cg_g parameter in a save action to execute arbitrary SQL. Public advisories (Debian, FreeBSD, Gentoo, Mageia) document affected ve...

8.8CVSS8.7AI score0.02315EPSS
Web
Total number of security vulnerabilities152