Cacti

Cacti

155 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.54%
  • Veröffentlicht 15.12.2011 03:57:34
  • Zuletzt bearbeitet 16.06.2026 23:35:28

SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter.

  • EPSS 3.87%
  • Veröffentlicht 23.08.2010 22:00:03
  • Zuletzt bearbeitet 16.06.2026 23:20:57

Cross-site scripting (XSS) vulnerability in include/top_graph_header.php in Cacti before 0.8.7g allows remote attackers to inject arbitrary web script or HTML via the graph_start parameter to graph.php. NOTE: this vulnerability exists because of an ...

Exploit
  • EPSS 4.31%
  • Veröffentlicht 23.08.2010 22:00:03
  • Zuletzt bearbeitet 16.06.2026 23:20:57

Cross-site scripting (XSS) vulnerability in utilities.php in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote attackers to inject arbitrary web script or HTML via the filter parameter...

Exploit
  • EPSS 1.8%
  • Veröffentlicht 23.08.2010 22:00:03
  • Zuletzt bearbeitet 16.06.2026 23:20:57

Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via (1) the name element in an ...

  • EPSS 1.86%
  • Veröffentlicht 23.08.2010 22:00:02
  • Zuletzt bearbeitet 16.06.2026 23:18:46

Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via the (1) hostname or (2) des...

  • EPSS 2.8%
  • Veröffentlicht 23.08.2010 22:00:02
  • Zuletzt bearbeitet 16.06.2026 23:18:46

Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in (1) the FQDN field of a Device or (2) the Verti...

Exploit
  • EPSS 1.37%
  • Veröffentlicht 27.05.2010 22:30:01
  • Zuletzt bearbeitet 16.06.2026 23:19:57

SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via a crafted rra_id parameter in a GET request in conjunction with a valid rra_id value in a POST request or a cookie, whi...

  • EPSS 3.8%
  • Veröffentlicht 04.05.2010 16:00:35
  • Zuletzt bearbeitet 16.06.2026 23:18:22

SQL injection vulnerability in templates_export.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the export_item_id parameter.

Exploit
  • EPSS 11.48%
  • Veröffentlicht 30.11.2009 21:30:00
  • Zuletzt bearbeitet 16.06.2026 23:13:03

Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands.

  • EPSS 5.74%
  • Veröffentlicht 29.11.2009 13:07:34
  • Zuletzt bearbeitet 16.06.2026 23:12:52

Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7e allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) graph.php, (2) include/top_graph_header.php, (3) lib/html_form.php, and (4) lib/timespan_sett...