Cacti Security Vulnerabilities and Issues — Cacti CVE List

Lucene search

CactiCacti

4 matches found

CVE•added 2016/04/12 4:59 p.m.•95 views

CVE-2016-3172

SQL injection vulnerability in tree.php in Cacti 0.8.8g and earlier allows remote authenticated users to execute arbitrary SQL commands via the parent_id parameter in an item_edit action.

8.8CVSS8.7AI score0.00522EPSS

CVE•added 2016/04/11 9:59 p.m.•80 views

CVE-2015-8604

SQL injection vulnerability in the host_new_graphs function in graphs_new.php in Cacti 0.8.8f and earlier allows remote authenticated users to execute arbitrary SQL commands via the cg_g parameter in a save action.

8.8CVSS8.7AI score0.0063EPSS

CVE•added 2016/04/13 5:59 p.m.•57 views

CVE-2016-2313

auth_login.php in Cacti before 0.8.8g allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database.

8.8CVSS8.3AI score0.01075EPSS

CVE•added 2016/04/11 3:59 p.m.•51 views

CVE-2016-3659

SQL injection vulnerability in graph_view.php in Cacti 0.8.8.g allows remote authenticated users to execute arbitrary SQL commands via the host_group_data parameter.

8.8CVSS8.7AI score0.00587EPSS