Cacti

Cacti

137 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.8

CVE-2023-39512

Exploit
  • EPSS 0.45%
  • Veröffentlicht 05.09.2023 21:15:47
  • Zuletzt bearbeitet 21.11.2024 08:15:34

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. Thes...

5.4

CVE-2023-39513

Exploit
  • EPSS 0.28%
  • Veröffentlicht 05.09.2023 21:15:47
  • Zuletzt bearbeitet 21.11.2024 08:15:34

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. Thes...

5.4

CVE-2023-39514

Exploit
  • EPSS 0.29%
  • Veröffentlicht 05.09.2023 21:15:47
  • Zuletzt bearbeitet 10.04.2025 20:54:10

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. Thes...

4.8

CVE-2023-39515

Exploit
  • EPSS 0.24%
  • Veröffentlicht 05.09.2023 21:15:47
  • Zuletzt bearbeitet 21.11.2024 08:15:34

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability allows an authenticated user to poison data stored in the cacti's database. These data w...

8.8

CVE-2023-39359

Exploit
  • EPSS 4.72%
  • Veröffentlicht 05.09.2023 21:15:46
  • Zuletzt bearbeitet 21.11.2024 08:15:14

Cacti is an open source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability r...

6.1

CVE-2023-39360

Exploit
  • EPSS 0.48%
  • Veröffentlicht 05.09.2023 21:15:46
  • Zuletzt bearbeitet 21.11.2024 08:15:14

Cacti is an open source operational monitoring and fault management framework.Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability allows an authenticated user to poison data. The vulnerability is found in `graphs_new.ph...

9.8

CVE-2023-39361

Exploit
  • EPSS 93.06%
  • Veröffentlicht 05.09.2023 21:15:46
  • Zuletzt bearbeitet 21.11.2024 08:15:14

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graph_view.php. Since guest users can access graph_view.php without authentication by default, if guest user...

4.8

CVE-2023-39366

Exploit
  • EPSS 0.33%
  • Veröffentlicht 05.09.2023 21:15:46
  • Zuletzt bearbeitet 21.11.2024 08:15:15

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability allows an authenticated user to poison data stored in the _cacti_'s database. These data...

5.3

CVE-2022-48538

Exploit
  • EPSS 0.06%
  • Veröffentlicht 22.08.2023 19:16:31
  • Zuletzt bearbeitet 21.11.2024 07:33:29

In Cacti 1.2.19, there is an authentication bypass in the web login functionality because of improper validation in the PHP code: cacti_ldap_auth() allows a zero as the password.

6.1

CVE-2022-48547

Exploit
  • EPSS 0.52%
  • Veröffentlicht 22.08.2023 19:16:31
  • Zuletzt bearbeitet 21.11.2024 07:33:30

A reflected cross-site scripting (XSS) vulnerability in Cacti 0.8.7g and earlier allows unauthenticated remote attackers to inject arbitrary web script or HTML in the "ref" parameter at auth_changepassword.php.