Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cacti cacti 0.8.6i vulnerabilities and exploits
(subscribe to this query)
905
VMScore
CVE-2009-4112
Cacti 0.8.7e and previous versions allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands.
Cacti Cacti 0.8.6f
Cacti Cacti 0.8.6c
Cacti Cacti 0.8.2
Cacti Cacti 0.8.1
Cacti Cacti 0.8.5a
Cacti Cacti 0.8.5
Cacti Cacti 0.8
Cacti Cacti 0.6.7
Cacti Cacti 0.8.4
Cacti Cacti 0.8.3a
Cacti Cacti 0.8.7a
Cacti Cacti
Cacti Cacti 0.8.7
Cacti Cacti 0.8.6i
Cacti Cacti 0.8.3
Cacti Cacti 0.8.2a
1 EDB exploit
770
VMScore
CVE-2008-0785
Multiple SQL injection vulnerabilities in Cacti 0.8.7 prior to 0.8.7b and 0.8.6 prior to 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the (1) graph_list parameter to graph_view.php, (2) leaf_id and id parameters to tree.php, (3) local_graph_id par...
Cacti Cacti 0.8.1
Cacti Cacti 0.8.2
Cacti Cacti 0.8.6f
Cacti Cacti 0.8.6i
Cacti Cacti 0.6.7
Cacti Cacti 0.8
Cacti Cacti 0.8.5a
Cacti Cacti 0.8.6c
Cacti Cacti 0.8.3a
Cacti Cacti 0.8.4
Cacti Cacti 0.8.5
Cacti Cacti 0.8.7a
Cacti Cacti 0.8.2a
Cacti Cacti 0.8.3
Cacti Cacti 0.8.6j
Cacti Cacti 0.8.7
4 EDB exploits
755
VMScore
CVE-2010-1431
SQL injection vulnerability in templates_export.php in Cacti 0.8.7e and previous versions allows remote malicious users to execute arbitrary SQL commands via the export_item_id parameter.
Cacti Cacti 0.8.5a
Cacti Cacti 0.8.5
Cacti Cacti 0.8.7
Cacti Cacti
Cacti Cacti 0.8.6d
Cacti Cacti 0.8.6b
Cacti Cacti 0.6.3
Cacti Cacti 0.6.2
Cacti Cacti 0.6.7
Cacti Cacti 0.8
Cacti Cacti 0.8.4
Cacti Cacti 0.8.3a
Cacti Cacti 0.8.6h
Cacti Cacti 0.8.6g
Cacti Cacti 0.6.5
Cacti Cacti 0.6.4
Cacti Cacti 0.8.6j
Cacti Cacti 0.8.7a
Cacti Cacti 0.8.6f
Cacti Cacti 0.8.6c
Cacti Cacti 0.8.7d
Cacti Cacti 0.8.7c
1 EDB exploit
694
VMScore
CVE-2007-3112
graph_image.php in Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_start or (2) graph_end parameter, different vectors than CVE-2007-3113.
The Cacti Group Cacti
668
VMScore
CVE-2013-5589
SQL injection vulnerability in cacti/host.php in Cacti 0.8.8b and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Debian Debian Linux 7.0
Cacti Cacti 0.8.3
Cacti Cacti 0.8.3a
Cacti Cacti 0.8.6c
Cacti Cacti 0.8.6d
Cacti Cacti 0.8.7
Cacti Cacti 0.8.7a
Cacti Cacti 0.8.7h
Cacti Cacti 0.8.7i
Cacti Cacti 0.8
Cacti Cacti 0.8.1
Cacti Cacti 0.8.5a
Cacti Cacti 0.8.6
Cacti Cacti 0.8.6g
Cacti Cacti 0.8.6h
Cacti Cacti 0.8.7d
Cacti Cacti 0.8.7e
Cacti Cacti 0.8.2
Cacti Cacti 0.8.2a
Cacti Cacti 0.8.6a
Cacti Cacti 0.8.6b
Cacti Cacti 0.8.6i
668
VMScore
CVE-2013-1434
Multiple SQL injection vulnerabilities in (1) api_poller.php and (2) utility.php in Cacti prior to 0.8.8b allow remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Cacti Cacti 0.8.7b
Cacti Cacti 0.8.7d
Cacti Cacti 0.8.7e
Cacti Cacti 0.8.6d
Cacti Cacti 0.8.6f
Cacti Cacti 0.8.5a
Cacti Cacti
Cacti Cacti 0.8.7i
Cacti Cacti 0.8.6
Cacti Cacti 0.8.6a
Cacti Cacti 0.8.6i
Cacti Cacti 0.8.6j
Cacti Cacti 0.8.7
Cacti Cacti 0.8.7a
Cacti Cacti 0.8.6b
Cacti Cacti 0.8.6c
Cacti Cacti 0.8.6k
Cacti Cacti 0.8.5
Cacti Cacti 0.8.8
Cacti Cacti 0.8.7g
Cacti Cacti 0.8.6e
Cacti Cacti 0.8.6g
668
VMScore
CVE-2013-1435
(1) snmp.php and (2) rrd.php in Cacti prior to 0.8.8b allows remote malicious users to execute arbitrary commands via shell metacharacters in unspecified vectors.
Cacti Cacti 0.8
Cacti Cacti 0.8.1
Cacti Cacti 0.8.6
Cacti Cacti 0.8.6a
Cacti Cacti 0.8.6h
Cacti Cacti 0.8.6i
Cacti Cacti 0.8.7d
Cacti Cacti 0.8.7e
Cacti Cacti 0.8.7f
Cacti Cacti 0.8.2
Cacti Cacti 0.8.2a
Cacti Cacti 0.8.3
Cacti Cacti 0.8.6b
Cacti Cacti 0.8.6c
Cacti Cacti 0.8.6j
Cacti Cacti 0.8.6k
Cacti Cacti 0.8.7g
Cacti Cacti 0.8.7h
Cacti Cacti 0.8.3a
Cacti Cacti 0.8.4
Cacti Cacti 0.8.6d
Cacti Cacti 0.8.6e
668
VMScore
CVE-2011-4824
SQL injection vulnerability in auth_login.php in Cacti prior to 0.8.7h allows remote malicious users to execute arbitrary SQL commands via the login_username parameter.
Cacti Cacti 0.8.7e
Cacti Cacti 0.8.7
Cacti Cacti 0.8.6c
Cacti Cacti 0.8.6h
Cacti Cacti 0.8.3a
Cacti Cacti 0.8.7d
Cacti Cacti 0.6.8a
Cacti Cacti 0.6.8
Cacti Cacti 0.6.3
Cacti Cacti 0.8
Cacti Cacti 0.8.6b
Cacti Cacti 0.8.5
Cacti Cacti 0.8.2a
Cacti Cacti 0.8.7b
Cacti Cacti 0.5
Cacti Cacti 0.8.6j
Cacti Cacti 0.8.1
Cacti Cacti 0.6.5
Cacti Cacti 0.8.6f
Cacti Cacti 0.8.6d
Cacti Cacti 0.8.6g
Cacti Cacti 0.8.4
668
VMScore
CVE-2010-2092
SQL injection vulnerability in graph.php in Cacti 0.8.7e and previous versions allows remote malicious users to execute arbitrary SQL commands via a crafted rra_id parameter in a GET request in conjunction with a valid rra_id value in a POST request or a cookie, which causes the ...
Cacti Cacti 0.6.6
Cacti Cacti 0.6.7
Cacti Cacti 0.8.3
Cacti Cacti 0.8.3a
Cacti Cacti 0.8.6d
Cacti Cacti 0.8.6f
Cacti Cacti 0.8.7a
Cacti Cacti 0.8.7b
Cacti Cacti 0.6.4
Cacti Cacti 0.6.5
Cacti Cacti 0.8.2
Cacti Cacti 0.8.2a
Cacti Cacti 0.8.6b
Cacti Cacti 0.8.6c
Cacti Cacti 0.8.6k
Cacti Cacti 0.8.7
Cacti Cacti 0.6
Cacti Cacti 0.6.1
Cacti Cacti 0.6.8
Cacti Cacti 0.6.8a
Cacti Cacti 0.8.4
Cacti Cacti 0.8.5
668
VMScore
CVE-2007-6035
SQL injection vulnerability in graph.php in Cacti prior to 0.8.7a allows remote malicious users to execute arbitrary SQL commands via the local_graph_id parameter.
Cacti Cacti
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »