Show filters
152 Total Results
Displaying 101-110 of 152
Sort by:
Attacker Value
Unknown

CVE-2015-4634

Disclosure Date: August 11, 2015 (last updated October 05, 2023)
SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter.
0
0
Attacker Value
Unknown

CVE-2015-2967

Disclosure Date: July 10, 2015 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in settings.php in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2015-4342

Disclosure Date: June 17, 2015 (last updated October 05, 2023)
SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef id.
0
0
Attacker Value
Unknown

CVE-2015-2665

Disclosure Date: June 17, 2015 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2015-4454

Disclosure Date: June 17, 2015 (last updated October 05, 2023)
SQL injection vulnerability in the get_hash_graph_template function in lib/functions.php in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via the graph_template_id parameter to graph_templates.php.
0
0
Attacker Value
Unknown

CVE-2015-0916

Disclosure Date: May 22, 2015 (last updated October 05, 2023)
SQL injection vulnerability in graph.php in Cacti before 0.8.6f allows remote authenticated users to execute arbitrary SQL commands via the local_graph_id parameter, a different vulnerability than CVE-2007-6035.
0
0
Attacker Value
Unknown

CVE-2014-5025

Disclosure Date: October 20, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in data_sources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the name_cache parameter in a ds_edit action.
0
0
Attacker Value
Unknown

CVE-2014-5026

Disclosure Date: October 20, 2014 (last updated October 05, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a (1) Graph Tree Title in a delete or (2) edit action; (3) CDEF Name, (4) Data Input Method Name, or (5) Host Templates Name in a delete action; (6) Data Source Title; (7) Graph Title; or (8) Graph Template Name in a delete or (9) duplicate action.
0
0
Attacker Value
Unknown

CVE-2014-5262

Disclosure Date: August 22, 2014 (last updated October 05, 2023)
SQL injection vulnerability in the graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2014-5261

Disclosure Date: August 22, 2014 (last updated October 05, 2023)
The graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php.
0
0
View More Topics  < Previous  Next >