Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cacti cacti 0.8.8a vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2015-8604
SQL injection vulnerability in the host_new_graphs function in graphs_new.php in Cacti 0.8.8f and previous versions allows remote authenticated users to execute arbitrary SQL commands via the cg_g parameter in a save action.
Cacti Cacti
NA
CVE-2015-8369
SQL injection vulnerability in include/top_graph_header.php in Cacti 0.8.8f and previous versions allows remote malicious users to execute arbitrary SQL commands via the rra_id parameter in a properties action to graph.php.
Cacti Cacti
NA
CVE-2015-8377
SQL injection vulnerability in the host_new_graphs_save function in graphs_new.php in Cacti 0.8.8f and previous versions allows remote authenticated users to execute arbitrary SQL commands via crafted serialized data in the selected_graphs_array parameter in a save action.
Cacti Cacti
NA
CVE-2015-4634
SQL injection vulnerability in graphs.php in Cacti prior to 0.8.8e allows remote malicious users to execute arbitrary SQL commands via the local_graph_id parameter.
Cacti Cacti
NA
CVE-2014-5026
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a (1) Graph Tree Title in a delete or (2) edit action; (3) CDEF Name, (4) Data Input Method Name, or (5) Host Templa...
Debian Debian Linux 7.0
Cacti Cacti 0.8.8b
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
NA
CVE-2014-5025
Cross-site scripting (XSS) vulnerability in data_sources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the name_cache parameter in a ds_edit action.
Debian Debian Linux 7.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Cacti Cacti 0.8.8b
NA
CVE-2014-5261
The graph settings script (graph_settings.php) in Cacti 0.8.8b and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php.
Cacti Cacti 0.8.7f
Cacti Cacti 0.8.7e
Cacti Cacti 0.8.7i
Cacti Cacti 0.8.7g
Cacti Cacti 0.8.7
Cacti Cacti 0.8.6e
Cacti Cacti
Cacti Cacti 0.8.7d
Cacti Cacti 0.8.7c
Cacti Cacti 0.8.8a
Cacti Cacti 0.8.8
Cacti Cacti 0.8.7b
Cacti Cacti 0.8.7a
NA
CVE-2014-5262
SQL injection vulnerability in the graph settings script (graph_settings.php) in Cacti 0.8.8b and previous versions allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Cacti Cacti
Cacti Cacti 0.8.7d
Cacti Cacti 0.8.7c
Cacti Cacti 0.8.7b
Cacti Cacti 0.8.7f
Cacti Cacti 0.8.7e
Cacti Cacti 0.8.8a
Cacti Cacti 0.8.8
Cacti Cacti 0.8.7a
Cacti Cacti 0.8.7
Cacti Cacti 0.8.7i
Cacti Cacti 0.8.7g
Cacti Cacti 0.8.6e
NA
CVE-2014-4002
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote malicious users to inject arbitrary web script or HTML via the (1) drp_action parameter to cdef.php, (2) data_input.php, (3) data_queries.php, (4) data_sources.php, (5) data_templates.php, (6) graph_...
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Cacti Cacti 0.8.8b
NA
CVE-2014-2327
Cross-site request forgery (CSRF) vulnerability in Cacti 0.8.7g, 0.8.8b, and previous versions allows remote malicious users to hijack the authentication of users for unspecified commands, as demonstrated by requests that (1) modify binary files, (2) modify configurations, or (3)...
Cacti Cacti
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »