Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cacti cacti 0.8.7 vulnerabilities and exploits
(subscribe to this query)
770
VMScore
CVE-2008-0785
Multiple SQL injection vulnerabilities in Cacti 0.8.7 prior to 0.8.7b and 0.8.6 prior to 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the (1) graph_list parameter to graph_view.php, (2) leaf_id and id parameters to tree.php, (3) local_graph_id par...
Cacti Cacti 0.8.1
Cacti Cacti 0.8.2
Cacti Cacti 0.8.6f
Cacti Cacti 0.8.6i
Cacti Cacti 0.6.7
Cacti Cacti 0.8
Cacti Cacti 0.8.5a
Cacti Cacti 0.8.6c
Cacti Cacti 0.8.3a
Cacti Cacti 0.8.4
Cacti Cacti 0.8.5
Cacti Cacti 0.8.7a
Cacti Cacti 0.8.2a
Cacti Cacti 0.8.3
Cacti Cacti 0.8.6j
Cacti Cacti 0.8.7
4 EDB exploits
440
VMScore
CVE-2008-0783
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7 prior to 0.8.7b and 0.8.6 prior to 0.8.6k allow remote malicious users to inject arbitrary web script or HTML via (1) the view_type parameter to graph.php; (2) the filter parameter to graph_view.php; (3) the actio...
Cacti Cacti 0.8
Cacti Cacti 0.8.1
Cacti Cacti 0.8.5a
Cacti Cacti 0.8.6c
Cacti Cacti 0.6.7
Cacti Cacti 0.8.4
Cacti Cacti 0.8.5
Cacti Cacti 0.8.7a
Cacti Cacti 0.8.2
Cacti Cacti 0.8.2a
Cacti Cacti 0.8.6f
Cacti Cacti 0.8.6i
Cacti Cacti 0.8.3
Cacti Cacti 0.8.3a
Cacti Cacti 0.8.6j
Cacti Cacti 0.8.7
2 EDB exploits
668
VMScore
CVE-2014-5262
SQL injection vulnerability in the graph settings script (graph_settings.php) in Cacti 0.8.8b and previous versions allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Cacti Cacti
Cacti Cacti 0.8.7d
Cacti Cacti 0.8.7c
Cacti Cacti 0.8.7b
Cacti Cacti 0.8.7f
Cacti Cacti 0.8.7e
Cacti Cacti 0.8.8a
Cacti Cacti 0.8.8
Cacti Cacti 0.8.7a
Cacti Cacti 0.8.7
Cacti Cacti 0.8.7i
Cacti Cacti 0.8.7g
Cacti Cacti 0.8.6e
668
VMScore
CVE-2014-5261
The graph settings script (graph_settings.php) in Cacti 0.8.8b and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php.
Cacti Cacti 0.8.7f
Cacti Cacti 0.8.7e
Cacti Cacti 0.8.7i
Cacti Cacti 0.8.7g
Cacti Cacti 0.8.7
Cacti Cacti 0.8.6e
Cacti Cacti
Cacti Cacti 0.8.7d
Cacti Cacti 0.8.7c
Cacti Cacti 0.8.8a
Cacti Cacti 0.8.8
Cacti Cacti 0.8.7b
Cacti Cacti 0.8.7a
905
VMScore
CVE-2009-4112
Cacti 0.8.7e and previous versions allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands.
Cacti Cacti 0.8.6f
Cacti Cacti 0.8.6c
Cacti Cacti 0.8.2
Cacti Cacti 0.8.1
Cacti Cacti 0.8.5a
Cacti Cacti 0.8.5
Cacti Cacti 0.8
Cacti Cacti 0.6.7
Cacti Cacti 0.8.4
Cacti Cacti 0.8.3a
Cacti Cacti 0.8.7a
Cacti Cacti
Cacti Cacti 0.8.7
Cacti Cacti 0.8.6i
Cacti Cacti 0.8.3
Cacti Cacti 0.8.2a
1 EDB exploit
445
VMScore
CVE-2008-0784
graph.php in Cacti 0.8.7 prior to 0.8.7b and 0.8.6 prior to 0.8.6k allows remote malicious users to obtain the full path via an invalid local_graph_id parameter and other unspecified vectors.
Cacti Cacti 0.8.2
Cacti Cacti 0.8.2a
Cacti Cacti 0.8.6f
Cacti Cacti 0.8.6i
Cacti Cacti 0.6.7
Cacti Cacti 0.8
Cacti Cacti 0.8.1
Cacti Cacti 0.8.5a
Cacti Cacti 0.8.6c
Cacti Cacti 0.8.4
Cacti Cacti 0.8.5
Cacti Cacti 0.8.7a
Cacti Cacti 0.8.3
Cacti Cacti 0.8.3a
Cacti Cacti 0.8.6j
Cacti Cacti 0.8.7
383
VMScore
CVE-2008-0786
CRLF injection vulnerability in Cacti 0.8.7 prior to 0.8.7b and 0.8.6 prior to 0.8.6k, when running on older PHP interpreters, allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Cacti Cacti 0.8.1
Cacti Cacti 0.8.2
Cacti Cacti 0.8.6c
Cacti Cacti 0.8.6f
Cacti Cacti 0.6.7
Cacti Cacti 0.8
Cacti Cacti 0.8.5
Cacti Cacti 0.8.5a
Cacti Cacti 0.8.3a
Cacti Cacti 0.8.4
Cacti Cacti 0.8.7
Cacti Cacti 0.8.7a
Cacti Cacti 0.8.2a
Cacti Cacti 0.8.3
Cacti Cacti 0.8.6i
Cacti Cacti 0.8.6j
668
VMScore
CVE-2013-1434
Multiple SQL injection vulnerabilities in (1) api_poller.php and (2) utility.php in Cacti prior to 0.8.8b allow remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Cacti Cacti 0.8.7b
Cacti Cacti 0.8.7d
Cacti Cacti 0.8.7e
Cacti Cacti 0.8.6d
Cacti Cacti 0.8.6f
Cacti Cacti 0.8.5a
Cacti Cacti
Cacti Cacti 0.8.7i
Cacti Cacti 0.8.6
Cacti Cacti 0.8.6a
Cacti Cacti 0.8.6i
Cacti Cacti 0.8.6j
Cacti Cacti 0.8.7
Cacti Cacti 0.8.7a
Cacti Cacti 0.8.6b
Cacti Cacti 0.8.6c
Cacti Cacti 0.8.6k
Cacti Cacti 0.8.5
Cacti Cacti 0.8.8
Cacti Cacti 0.8.7g
Cacti Cacti 0.8.6e
Cacti Cacti 0.8.6g
435
VMScore
CVE-2010-2544
Cross-site scripting (XSS) vulnerability in utilities.php in Cacti prior to 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote malicious users to inject arbitrary web script or HTML via the filter parameter.
Cacti Cacti 0.5
Cacti Cacti 0.8.6k
Cacti Cacti 0.8.6d
Cacti Cacti 0.6.3
Cacti Cacti
Cacti Cacti 0.8.7
Cacti Cacti 0.8.5a
Cacti Cacti 0.8.3
Cacti Cacti 0.6.8
Cacti Cacti 0.8.2
Cacti Cacti 0.8.5
Cacti Cacti 0.6.6
Cacti Cacti 0.8.7d
Cacti Cacti 0.8.7b
Cacti Cacti 0.8.7a
Cacti Cacti 0.6.2
Cacti Cacti 0.6.5
Cacti Cacti 0.8.6f
Cacti Cacti 0.8.6g
Cacti Cacti 0.8.6j
Cacti Cacti 0.8.7c
Cacti Cacti 0.6.1
1 EDB exploit
668
VMScore
CVE-2013-1435
(1) snmp.php and (2) rrd.php in Cacti prior to 0.8.8b allows remote malicious users to execute arbitrary commands via shell metacharacters in unspecified vectors.
Cacti Cacti 0.8
Cacti Cacti 0.8.1
Cacti Cacti 0.8.6
Cacti Cacti 0.8.6a
Cacti Cacti 0.8.6h
Cacti Cacti 0.8.6i
Cacti Cacti 0.8.7d
Cacti Cacti 0.8.7e
Cacti Cacti 0.8.7f
Cacti Cacti 0.8.2
Cacti Cacti 0.8.2a
Cacti Cacti 0.8.3
Cacti Cacti 0.8.6b
Cacti Cacti 0.8.6c
Cacti Cacti 0.8.6j
Cacti Cacti 0.8.6k
Cacti Cacti 0.8.7g
Cacti Cacti 0.8.7h
Cacti Cacti 0.8.3a
Cacti Cacti 0.8.4
Cacti Cacti 0.8.6d
Cacti Cacti 0.8.6e
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »