Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown
CVE-2023-37543
Disclosure Date: August 10, 2023 (last updated October 08, 2023)
Cacti before 1.2.6 allows IDOR (Insecure Direct Object Reference) for accessing any graph via a modified local_graph_id parameter to graph_xport.php. This is a different vulnerability than CVE-2019-16723.
0
Attacker Value
Unknown
CVE-2019-16723
Disclosure Date: September 23, 2019 (last updated November 08, 2023)
In Cacti through 1.2.6, authenticated users may bypass authorization checks (for viewing a graph) via a direct graph_json.php request with a modified local_graph_id parameter.
0
