Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cacti cacti vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2015-8369
SQL injection vulnerability in include/top_graph_header.php in Cacti 0.8.8f and previous versions allows remote malicious users to execute arbitrary SQL commands via the rra_id parameter in a properties action to graph.php.
Cacti Cacti
7.5
CVSSv2
CVE-2015-4634
SQL injection vulnerability in graphs.php in Cacti prior to 0.8.8e allows remote malicious users to execute arbitrary SQL commands via the local_graph_id parameter.
Cacti Cacti
7.5
CVSSv2
CVE-2015-4454
SQL injection vulnerability in the get_hash_graph_template function in lib/functions.php in Cacti prior to 0.8.8d allows remote malicious users to execute arbitrary SQL commands via the graph_template_id parameter to graph_templates.php.
Cacti Cacti
Fedoraproject Fedora 22
Fedoraproject Fedora 24
Fedoraproject Fedora 23
7.5
CVSSv2
CVE-2015-4342
SQL injection vulnerability in Cacti prior to 0.8.8d allows remote malicious users to execute arbitrary SQL commands via unspecified vectors involving a cdef id.
Cacti Cacti
Fedoraproject Fedora 22
Fedoraproject Fedora 24
Fedoraproject Fedora 23
7.5
CVSSv2
CVE-2014-5261
The graph settings script (graph_settings.php) in Cacti 0.8.8b and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php.
Cacti Cacti 0.8.7
Cacti Cacti 0.8.7d
Cacti Cacti 0.8.7b
Cacti Cacti 0.8.6e
Cacti Cacti 0.8.7a
Cacti Cacti 0.8.8
Cacti Cacti 0.8.8a
Cacti Cacti 0.8.7c
Cacti Cacti 0.8.7f
Cacti Cacti 0.8.7e
Cacti Cacti 0.8.7i
Cacti Cacti
Cacti Cacti 0.8.7g
7.5
CVSSv2
CVE-2014-5262
SQL injection vulnerability in the graph settings script (graph_settings.php) in Cacti 0.8.8b and previous versions allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Cacti Cacti 0.8.7
Cacti Cacti 0.8.7d
Cacti Cacti 0.8.7b
Cacti Cacti 0.8.6e
Cacti Cacti 0.8.7a
Cacti Cacti 0.8.8
Cacti Cacti 0.8.8a
Cacti Cacti 0.8.7c
Cacti Cacti 0.8.7f
Cacti Cacti 0.8.7e
Cacti Cacti 0.8.7i
Cacti Cacti
Cacti Cacti 0.8.7g
7.5
CVSSv2
CVE-2014-4644
SQL injection vulnerability in superlinks.php in the superlinks plugin 1.4-2 for Cacti allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Cacti Superlinks 1.4-2
2 EDB exploits
7.5
CVSSv2
CVE-2014-2709
lib/rrd.php in Cacti 0.8.7g, 0.8.8b, and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in unspecified parameters.
Cacti Cacti
Debian Debian Linux 8.0
Debian Debian Linux 7.0
7.5
CVSSv2
CVE-2014-2708
Multiple SQL injection vulnerabilities in graph_xport.php in Cacti 0.8.7g, 0.8.8b, and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) graph_start, (2) graph_end, (3) graph_height, (4) graph_width, (5) graph_nolegend, (6) print_source,...
Cacti Cacti 0.8.8b
7.5
CVSSv2
CVE-2013-5589
SQL injection vulnerability in cacti/host.php in Cacti 0.8.8b and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Debian Debian Linux 7.0
Cacti Cacti 0.8.6k
Cacti Cacti 0.8.6d
Cacti Cacti 0.8.7
Cacti Cacti 0.8.5a
Cacti Cacti 0.8.3
Cacti Cacti 0.8.2
Cacti Cacti 0.8.5
Cacti Cacti 0.8.7d
Cacti Cacti 0.8.7b
Cacti Cacti 0.8.6e
Cacti Cacti 0.8.7a
Cacti Cacti 0.8.8
Cacti Cacti 0.8.8a
Cacti Cacti 0.8.6f
Cacti Cacti 0.8.6g
Cacti Cacti 0.8.6j
Cacti Cacti 0.8.7h
Cacti Cacti 0.8.7c
Cacti Cacti 0.8
Cacti Cacti 0.8.7f
Cacti Cacti 0.8.7e
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »