668
VMScore

CVE-2005-1525

Published: 22/06/2005 Updated: 11/07/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

SQL injection vulnerability in config_settings.php for Cacti prior to 0.8.6e allows remote malicious users to execute arbitrary SQL commands via the id parameter.

Vulnerable Product Search on Vulmon Subscribe to Product

the cacti group cacti 0.5

the cacti group cacti 0.6

the cacti group cacti 0.6.1

the cacti group cacti 0.6.2

the cacti group cacti 0.6.3

the cacti group cacti 0.6.4

the cacti group cacti 0.6.5

the cacti group cacti 0.6.6

the cacti group cacti 0.6.7

the cacti group cacti 0.6.8

the cacti group cacti 0.6.8a

the cacti group cacti 0.8

the cacti group cacti 0.8.1

the cacti group cacti 0.8.2

the cacti group cacti 0.8.2a

the cacti group cacti 0.8.3

the cacti group cacti 0.8.3a

the cacti group cacti 0.8.4

the cacti group cacti 0.8.5a

the cacti group cacti

Vendor Advisories

Several vulnerabilities have been discovered in cacti, a round-robin database (RRD) tool that helps create graphs from database information The Common Vulnerabilities and Exposures Project identifies the following problems: CAN-2005-1524 Maciej Piotr Falkiewicz and an anonymous researcher discovered an input validation bug that allows an ...