Cacti

Cacti

137 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2013-1434

  • EPSS 1.15%
  • Published 23.08.2013 16:55:06
  • Last modified 11.04.2025 00:51:21

Multiple SQL injection vulnerabilities in (1) api_poller.php and (2) utility.php in Cacti before 0.8.8b allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

4.3

CVE-2011-5223

  • EPSS 0.54%
  • Published 25.10.2012 17:55:04
  • Last modified 11.04.2025 00:51:21

Cross-site request forgery (CSRF) vulnerability in logout.php in Cacti before 0.8.7i allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

7.5

CVE-2011-4824

  • EPSS 1.64%
  • Published 15.12.2011 03:57:34
  • Last modified 11.04.2025 00:51:21

SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter.

4.3

CVE-2010-2543

  • EPSS 5.87%
  • Published 23.08.2010 22:00:03
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in include/top_graph_header.php in Cacti before 0.8.7g allows remote attackers to inject arbitrary web script or HTML via the graph_start parameter to graph.php. NOTE: this vulnerability exists because of an ...

4.3

CVE-2010-2544

Exploit
  • EPSS 6.01%
  • Published 23.08.2010 22:00:03
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in utilities.php in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote attackers to inject arbitrary web script or HTML via the filter parameter...

4.3

CVE-2010-2545

Exploit
  • EPSS 1.35%
  • Published 23.08.2010 22:00:03
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via (1) the name element in an ...

4.3

CVE-2010-1644

  • EPSS 2.03%
  • Published 23.08.2010 22:00:02
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via the (1) hostname or (2) des...

6.5

CVE-2010-1645

  • EPSS 1.96%
  • Published 23.08.2010 22:00:02
  • Last modified 11.04.2025 00:51:21

Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in (1) the FQDN field of a Device or (2) the Verti...

7.5

CVE-2010-2092

Exploit
  • EPSS 0.14%
  • Published 27.05.2010 22:30:01
  • Last modified 11.04.2025 00:51:21

SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via a crafted rra_id parameter in a GET request in conjunction with a valid rra_id value in a POST request or a cookie, whi...

7.5

CVE-2010-1431

  • EPSS 6.14%
  • Published 04.05.2010 16:00:35
  • Last modified 11.04.2025 00:51:21

SQL injection vulnerability in templates_export.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the export_item_id parameter.