Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cacti cacti 0.8.8b vulnerabilities and exploits

(subscribe to this query)
7.5
CVSSv2
CVE-2014-2708
Multiple SQL injection vulnerabilities in graph_xport.php in Cacti 0.8.7g, 0.8.8b, and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) graph_start, (2) graph_end, (3) graph_height, (4) graph_width, (5) graph_nolegend, (6) print_source,...
Cacti Cacti 0.8.8b
6.5
CVSSv2
CVE-2017-1000031
SQL injection vulnerability in graph_templates_inputs.php in Cacti 0.8.8b allows remote malicious users to execute arbitrary SQL commands via the graph_template_input_id and graph_template_id parameters.
Cacti Cacti 0.8.8b
4.3
CVSSv2
CVE-2017-1000032
Cross-Site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote malicious users to inject arbitrary web script or HTML via the parent_id parameter to tree.php and drp_action parameter to data_sources.php.
Cacti Cacti 0.8.8b
4.3
CVSSv2
CVE-2014-4002
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote malicious users to inject arbitrary web script or HTML via the (1) drp_action parameter to cdef.php, (2) data_input.php, (3) data_queries.php, (4) data_sources.php, (5) data_templates.php, (6) graph_...
Opensuse Opensuse 13.1Opensuse Opensuse 13.2Cacti Cacti 0.8.8b
3.5
CVSSv2
CVE-2014-5025
Cross-site scripting (XSS) vulnerability in data_sources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the name_cache parameter in a ds_edit action.
Debian Debian Linux 7.0Opensuse Opensuse 13.1Opensuse Opensuse 13.2Cacti Cacti 0.8.8b
3.5
CVSSv2
CVE-2014-5026
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a (1) Graph Tree Title in a delete or (2) edit action; (3) CDEF Name, (4) Data Input Method Name, or (5) Host Templa...
Debian Debian Linux 7.0Cacti Cacti 0.8.8bOpensuse Opensuse 13.1Opensuse Opensuse 13.2
7.5
CVSSv2
CVE-2013-1435
(1) snmp.php and (2) rrd.php in Cacti prior to 0.8.8b allows remote malicious users to execute arbitrary commands via shell metacharacters in unspecified vectors.
Cacti Cacti 0.8Cacti Cacti 0.8.1Cacti Cacti 0.8.6Cacti Cacti 0.8.6aCacti Cacti 0.8.6hCacti Cacti 0.8.6iCacti Cacti 0.8.7dCacti Cacti 0.8.7eCacti Cacti 0.8.7fCacti Cacti 0.8.2Cacti Cacti 0.8.2aCacti Cacti 0.8.3Cacti Cacti 0.8.6bCacti Cacti 0.8.6cCacti Cacti 0.8.6jCacti Cacti 0.8.6kCacti Cacti 0.8.7gCacti Cacti 0.8.7hCacti Cacti 0.8.3aCacti Cacti 0.8.4Cacti Cacti 0.8.6dCacti Cacti 0.8.6e
7.5
CVSSv2
CVE-2013-1434
Multiple SQL injection vulnerabilities in (1) api_poller.php and (2) utility.php in Cacti prior to 0.8.8b allow remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Cacti Cacti 0.8.7bCacti Cacti 0.8.7dCacti Cacti 0.8.7eCacti Cacti 0.8.6dCacti Cacti 0.8.6fCacti Cacti 0.8.5aCacti CactiCacti Cacti 0.8.7iCacti Cacti 0.8.6Cacti Cacti 0.8.6aCacti Cacti 0.8.6iCacti Cacti 0.8.6jCacti Cacti 0.8.7Cacti Cacti 0.8.7aCacti Cacti 0.8.6bCacti Cacti 0.8.6cCacti Cacti 0.8.6kCacti Cacti 0.8.5Cacti Cacti 0.8.8Cacti Cacti 0.8.7gCacti Cacti 0.8.6eCacti Cacti 0.8.6g
7.5
CVSSv2
CVE-2014-5262
SQL injection vulnerability in the graph settings script (graph_settings.php) in Cacti 0.8.8b and previous versions allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Cacti CactiCacti Cacti 0.8.7dCacti Cacti 0.8.7cCacti Cacti 0.8.7bCacti Cacti 0.8.7fCacti Cacti 0.8.7eCacti Cacti 0.8.8aCacti Cacti 0.8.8Cacti Cacti 0.8.7aCacti Cacti 0.8.7Cacti Cacti 0.8.7iCacti Cacti 0.8.7gCacti Cacti 0.8.6e
7.5
CVSSv2
CVE-2014-5261
The graph settings script (graph_settings.php) in Cacti 0.8.8b and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php.
Cacti Cacti 0.8.7fCacti Cacti 0.8.7eCacti Cacti 0.8.7iCacti Cacti 0.8.7gCacti Cacti 0.8.7Cacti Cacti 0.8.6eCacti CactiCacti Cacti 0.8.7dCacti Cacti 0.8.7cCacti Cacti 0.8.8aCacti Cacti 0.8.8Cacti Cacti 0.8.7bCacti Cacti 0.8.7a
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700CVE-2022-48689CVE-2024-27956CVE-2023-6363SQLNULL pointer dereferenceCVE-2023-41830CVE-2015-2051arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook