Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cacti cacti vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-25641
Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to ex...
NA
CVE_2023_46805
Penetration testing of https://ris.ucll.be/ Tools used Nmap It looks like the host is running on Azure since the ports are open by default 1221 and 8172. This is also indicated by the fingerprint Microsoft Azure Web App. The Python webserver being used is Gunicorn, it is a Unix b...
1 Github repository
NA
CVE-2015-8369
SQL injection vulnerability in include/top_graph_header.php in Cacti 0.8.8f and previous versions allows remote malicious users to execute arbitrary SQL commands via the rra_id parameter in a properties action to graph.php.
Cacti Cacti
NA
CVE-2015-8377
SQL injection vulnerability in the host_new_graphs_save function in graphs_new.php in Cacti 0.8.8f and previous versions allows remote authenticated users to execute arbitrary SQL commands via crafted serialized data in the selected_graphs_array parameter in a save action.
Cacti Cacti
NA
CVE-2015-4634
SQL injection vulnerability in graphs.php in Cacti prior to 0.8.8e allows remote malicious users to execute arbitrary SQL commands via the local_graph_id parameter.
Cacti Cacti
NA
CVE-2015-2967
Cross-site scripting (XSS) vulnerability in settings.php in Cacti prior to 0.8.8d allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Cacti Cacti
NA
CVE-2015-4454
SQL injection vulnerability in the get_hash_graph_template function in lib/functions.php in Cacti prior to 0.8.8d allows remote malicious users to execute arbitrary SQL commands via the graph_template_id parameter to graph_templates.php.
Cacti Cacti
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Fedoraproject Fedora 22
NA
CVE-2015-4342
SQL injection vulnerability in Cacti prior to 0.8.8d allows remote malicious users to execute arbitrary SQL commands via unspecified vectors involving a cdef id.
Cacti Cacti
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Fedoraproject Fedora 22
NA
CVE-2015-2665
Cross-site scripting (XSS) vulnerability in Cacti prior to 0.8.8d allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Cacti Cacti
Fedoraproject Fedora 22
Fedoraproject Fedora 24
Fedoraproject Fedora 23
NA
CVE-2015-0916
SQL injection vulnerability in graph.php in Cacti prior to 0.8.6f allows remote authenticated users to execute arbitrary SQL commands via the local_graph_id parameter, a different vulnerability than CVE-2007-6035.
Cacti Cacti
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »