Cacti

Cacti

155 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 2.68%
  • Veröffentlicht 14.05.2024 15:25:26
  • Zuletzt bearbeitet 04.11.2025 17:15:50

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, there is a file inclusion issue in the `lib/plugin.php` file. Combined with SQL injection vulnerabilities, remote code execution can be implemented. The...

Exploit
  • EPSS 1.79%
  • Veröffentlicht 14.05.2024 15:25:26
  • Zuletzt bearbeitet 04.11.2025 17:15:51

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the SQL statement in `create_all_header_node...

Exploit
  • EPSS 12.6%
  • Veröffentlicht 14.05.2024 15:25:25
  • Zuletzt bearbeitet 04.11.2025 17:15:50

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `form_save()` function in `graph_template_inputs.php` is not thoroughly checked and is used to concatenate the SQL statement ...

Exploit
  • EPSS 26.15%
  • Veröffentlicht 14.05.2024 15:25:21
  • Zuletzt bearbeitet 04.11.2025 17:15:50

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, a SQL injection vulnerability in `automation_get_new_graphs_sql` function of `api_automation.php` allows authenticated users to exploit these SQL inject...

Exploit
  • EPSS 0.84%
  • Veröffentlicht 14.05.2024 15:25:20
  • Zuletzt bearbeitet 04.11.2025 17:15:50

Cacti provides an operational monitoring and fault management framework. Prior to 1.2.27, some of the data stored in `form_save()` function in `data_queries.php` is not thoroughly checked and is used to concatenate the HTML statement in `grow_right_p...

Exploit
  • EPSS 14.66%
  • Veröffentlicht 14.05.2024 15:25:20
  • Zuletzt bearbeitet 04.11.2025 17:15:50

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules_form_save()` function in `automation_tree_rules.php` is not thoroughly checked and is used to concaten...

  • EPSS 0.59%
  • Veröffentlicht 14.05.2024 15:22:18
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Cacti provides an operational monitoring and fault management framework. A reflected cross-site scripting vulnerability on the 1.3.x DEV branch allows attackers to obtain cookies of administrator and other users and fake their login using obtained co...

  • EPSS 94.29%
  • Veröffentlicht 14.05.2024 15:17:15
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary command on the server when `register_argc_argv` option of PHP is `...

Exploit
  • EPSS 0.9%
  • Veröffentlicht 14.05.2024 15:17:14
  • Zuletzt bearbeitet 18.12.2024 21:10:38

Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 contain a residual cross-site scripting vulnerability caused by an incomplete fix for CVE-2023-50250. `raise_message_javascript` from `lib/func...

Exploit
  • EPSS 0.91%
  • Veröffentlicht 14.05.2024 15:11:27
  • Zuletzt bearbeitet 18.12.2024 21:01:17

Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 are vulnerable to stored cross-site scripting, a type of cross-site scripting where malicious scripts are permanently stored on a target server...