10
CVE-2005-2149
- EPSS 1.29%
- Published 06.07.2005 04:00:00
- Last modified 03.04.2025 01:03:51
- Source security@debian.org
- Teams watchlist Login
- Open Login
config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.
Data is provided by the National Vulnerability Database (NVD)
The Cacti Group ≫ Cacti Version0.8
The Cacti Group ≫ Cacti Version0.8.1
The Cacti Group ≫ Cacti Version0.8.2
The Cacti Group ≫ Cacti Version0.8.2a
The Cacti Group ≫ Cacti Version0.8.3
The Cacti Group ≫ Cacti Version0.8.3a
The Cacti Group ≫ Cacti Version0.8.4
The Cacti Group ≫ Cacti Version0.8.5
The Cacti Group ≫ Cacti Version0.8.5a
The Cacti Group ≫ Cacti Version0.8.6
The Cacti Group ≫ Cacti Version0.8.6a
The Cacti Group ≫ Cacti Version0.8.6b
The Cacti Group ≫ Cacti Version0.8.6c
The Cacti Group ≫ Cacti Version0.8.6d
The Cacti Group ≫ Cacti Version0.8.6e
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.29% | 0.778 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|