Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cacti cacti 0.8.6e vulnerabilities and exploits

(subscribe to this query)
7.5
CVSSv2
CVE-2014-5261
The graph settings script (graph_settings.php) in Cacti 0.8.8b and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php.
Cacti Cacti 0.8.7fCacti Cacti 0.8.7eCacti Cacti 0.8.7iCacti Cacti 0.8.7gCacti Cacti 0.8.7Cacti Cacti 0.8.6eCacti CactiCacti Cacti 0.8.7dCacti Cacti 0.8.7cCacti Cacti 0.8.8aCacti Cacti 0.8.8Cacti Cacti 0.8.7bCacti Cacti 0.8.7a
7.5
CVSSv2
CVE-2014-5262
SQL injection vulnerability in the graph settings script (graph_settings.php) in Cacti 0.8.8b and previous versions allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Cacti CactiCacti Cacti 0.8.7dCacti Cacti 0.8.7cCacti Cacti 0.8.7bCacti Cacti 0.8.7fCacti Cacti 0.8.7eCacti Cacti 0.8.8aCacti Cacti 0.8.8Cacti Cacti 0.8.7aCacti Cacti 0.8.7Cacti Cacti 0.8.7iCacti Cacti 0.8.7gCacti Cacti 0.8.6e
7.5
CVSSv2
CVE-2013-1434
Multiple SQL injection vulnerabilities in (1) api_poller.php and (2) utility.php in Cacti prior to 0.8.8b allow remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Cacti Cacti 0.8.7bCacti Cacti 0.8.7dCacti Cacti 0.8.7eCacti Cacti 0.8.6dCacti Cacti 0.8.6fCacti Cacti 0.8.5aCacti CactiCacti Cacti 0.8.7iCacti Cacti 0.8.6Cacti Cacti 0.8.6aCacti Cacti 0.8.6iCacti Cacti 0.8.6jCacti Cacti 0.8.7Cacti Cacti 0.8.7aCacti Cacti 0.8.6bCacti Cacti 0.8.6cCacti Cacti 0.8.6kCacti Cacti 0.8.5Cacti Cacti 0.8.8Cacti Cacti 0.8.7gCacti Cacti 0.8.6eCacti Cacti 0.8.6g
7.5
CVSSv2
CVE-2013-1435
(1) snmp.php and (2) rrd.php in Cacti prior to 0.8.8b allows remote malicious users to execute arbitrary commands via shell metacharacters in unspecified vectors.
Cacti Cacti 0.8Cacti Cacti 0.8.1Cacti Cacti 0.8.6Cacti Cacti 0.8.6aCacti Cacti 0.8.6hCacti Cacti 0.8.6iCacti Cacti 0.8.7dCacti Cacti 0.8.7eCacti Cacti 0.8.7fCacti Cacti 0.8.2Cacti Cacti 0.8.2aCacti Cacti 0.8.3Cacti Cacti 0.8.6bCacti Cacti 0.8.6cCacti Cacti 0.8.6jCacti Cacti 0.8.6kCacti Cacti 0.8.7gCacti Cacti 0.8.7hCacti Cacti 0.8.3aCacti Cacti 0.8.4Cacti Cacti 0.8.6dCacti Cacti 0.8.6e
10
CVSSv2
CVE-2005-2149
config.php in Cacti 0.8.6e and previous versions allows remote malicious users to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.
The Cacti Group Cacti 0.8.2The Cacti Group Cacti 0.8.2aThe Cacti Group Cacti 0.8.6aThe Cacti Group Cacti 0.8.6bThe Cacti Group Cacti 0.8.4The Cacti Group Cacti 0.8.5The Cacti Group Cacti 0.8.6eThe Cacti Group Cacti 0.8.3The Cacti Group Cacti 0.8.3aThe Cacti Group Cacti 0.8.6cThe Cacti Group Cacti 0.8.6dThe Cacti Group Cacti 0.8The Cacti Group Cacti 0.8.1The Cacti Group Cacti 0.8.5aThe Cacti Group Cacti 0.8.6
7.5
CVSSv2
CVE-2005-2148
Cacti 0.8.6e and previous versions does not perform proper input validation to protect against common attacks, which allows remote malicious users to execute arbitrary commands or SQL by sending a legitimate value in a POST request or cookie, then specifying the attack string in ...
The Cacti Group Cacti 0.8.2aThe Cacti Group Cacti 0.8.3The Cacti Group Cacti 0.8.1The Cacti Group Cacti 0.8.2The Cacti Group Cacti 0.8.6The Cacti Group Cacti 0.8.6aThe Cacti Group Cacti 0.8.3aThe Cacti Group Cacti 0.8.4The Cacti Group Cacti 0.8.6eThe Cacti Group Cacti 0.8.6bThe Cacti Group Cacti 0.8.6cThe Cacti Group Cacti 0.8.6dThe Cacti Group Cacti 0.8The Cacti Group Cacti 0.8.5The Cacti Group Cacti 0.8.5a
4.3
CVSSv2
CVE-2013-5588
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the step parameter to install/index.php or (2) the id parameter to cacti/host.php.
Cacti Cacti 0.8.8Cacti Cacti 0.8Cacti Cacti 0.8.1Cacti Cacti 0.8.2Cacti Cacti 0.8.6gCacti Cacti 0.8.6hCacti Cacti 0.8.6iCacti Cacti 0.8.6jCacti Cacti 0.8.5aCacti Cacti 0.8.6Cacti Cacti 0.8.6aCacti Cacti 0.8.6bCacti Cacti 0.8.7cCacti Cacti 0.8.7dCacti Cacti 0.8.7eCacti Cacti 0.8.7fCacti Cacti 0.8.7gCacti CactiCacti Cacti 0.8.2aCacti Cacti 0.8.3aCacti Cacti 0.8.5Cacti Cacti 0.8.6c
7.5
CVSSv2
CVE-2013-5589
SQL injection vulnerability in cacti/host.php in Cacti 0.8.8b and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Debian Debian Linux 7.0Cacti Cacti 0.8.3Cacti Cacti 0.8.3aCacti Cacti 0.8.6cCacti Cacti 0.8.6dCacti Cacti 0.8.7Cacti Cacti 0.8.7aCacti Cacti 0.8.7hCacti Cacti 0.8.7iCacti Cacti 0.8Cacti Cacti 0.8.1Cacti Cacti 0.8.5aCacti Cacti 0.8.6Cacti Cacti 0.8.6gCacti Cacti 0.8.6hCacti Cacti 0.8.7dCacti Cacti 0.8.7eCacti Cacti 0.8.2Cacti Cacti 0.8.2aCacti Cacti 0.8.6aCacti Cacti 0.8.6bCacti Cacti 0.8.6i
7.5
CVSSv2
CVE-2005-1525
SQL injection vulnerability in config_settings.php for Cacti prior to 0.8.6e allows remote malicious users to execute arbitrary SQL commands via the id parameter.
The Cacti Group Cacti 0.6.4The Cacti Group Cacti 0.6.5The Cacti Group Cacti 0.8.2The Cacti Group Cacti 0.8.2aThe Cacti Group Cacti 0.6The Cacti Group Cacti 0.6.1The Cacti Group Cacti 0.6.8The Cacti Group Cacti 0.6.8aThe Cacti Group Cacti 0.8.4The Cacti Group Cacti 0.8.5aThe Cacti Group Cacti 0.6.2The Cacti Group Cacti 0.6.3The Cacti Group Cacti 0.8The Cacti Group Cacti 0.8.1The Cacti Group CactiThe Cacti Group Cacti 0.5The Cacti Group Cacti 0.6.6The Cacti Group Cacti 0.6.7The Cacti Group Cacti 0.8.3The Cacti Group Cacti 0.8.3a
7.5
CVSSv2
CVE-2005-1526
PHP remote file inclusion vulnerability in config_settings.php in Cacti prior to 0.8.6e allows remote malicious users to execute arbitrary PHP code via the config[include_path] parameter.
The Cacti Group Cacti 0.6The Cacti Group Cacti 0.6.1The Cacti Group Cacti 0.6.8The Cacti Group Cacti 0.6.8aThe Cacti Group Cacti 0.8.4The Cacti Group Cacti 0.8.5aThe Cacti Group Cacti 0.6.4The Cacti Group Cacti 0.6.5The Cacti Group Cacti 0.8.2The Cacti Group Cacti 0.8.2aThe Cacti Group Cacti 0.5The Cacti Group Cacti 0.6.6The Cacti Group Cacti 0.6.7The Cacti Group Cacti 0.8.3The Cacti Group Cacti 0.8.3aThe Cacti Group Cacti 0.6.2The Cacti Group Cacti 0.6.3The Cacti Group Cacti 0.8The Cacti Group Cacti 0.8.1The Cacti Group Cacti
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionfirmwareCVE-2006-4304CVE-2024-32878CVE-2024-31502XSSCVE-2024-3059CVE-2024-33692CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook