Cacti 0.8.5a allows remote malicious users to gain sensitive information via an HTTP request to (1) auth.php, (2) auth_login.php, (3) auth_changepassword.php, and possibly other php files, which reveal the installation path in a PHP error message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
the cacti group cacti 0.8.5a |