CVSS: 6.1EPSS: 4%CPEs: 16EXPL: 3CVE-2008-0783 – Cacti 0.8.7 - 'graph_view.php?filter' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2008-0783
14 Feb 2008 — Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to inject arbitrary web script or HTML via (1) the view_type parameter to graph.php; (2) the filter parameter to graph_view.php; (3) the action parameter to the draw_navigation_text function in lib/functions.php, reachable through index.php (aka the login page) or data_input.php; or (4) the login_username parameter to index.php. Múltiples vulnerabilidades de tipo cross-site scripti... • https://www.exploit-db.com/exploits/31158 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 1%CPEs: 16EXPL: 1CVE-2008-0784
https://notcve.org/view.php?id=CVE-2008-0784
14 Feb 2008 — graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allows remote attackers to obtain the full path via an invalid local_graph_id parameter and other unspecified vectors. Graph.php en Cacti 0.8.7 anterior a 0.8.7b y 0.8.6 anterior a 0.8.6k, permite a atacantes remotos obtener la ruta completa a través de un parámetro local_graph_id inválido y otros vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.7EPSS: 0%CPEs: 16EXPL: 0CVE-2008-0786
https://notcve.org/view.php?id=CVE-2008-0786
14 Feb 2008 — CRLF injection vulnerability in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k, when running on older PHP interpreters, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. Vulnerabilidad de inyección CRLF en Cacti 0.8.7 anterior a 0.8.7b y 0.8.6 anterior a 0.8.6k, cuando se ejecuta en intérpretes PHP antiguos, permite a atacantes remotos inyectar cabeceras HTTP de su elección y llevar a cabo ataques de división de respuesta HTTP a ... • http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 0CVE-2007-6035
https://notcve.org/view.php?id=CVE-2007-6035
20 Nov 2007 — SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter. Una vulnerabilidad de inyección SQL en el archivo graph.php en Cacti versiones anteriores a 0.8.7a, permite a atacantes remotos ejecutar comandos SQL arbitrarios por medio del parámetro local_graph_id. • http://bugs.gentoo.org/show_bug.cgi?id=199509 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 4%CPEs: 1EXPL: 0CVE-2007-3112
https://notcve.org/view.php?id=CVE-2007-3112
07 Jun 2007 — graph_image.php in Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_start or (2) graph_end parameter, different vectors than CVE-2007-3113. Cacti 0.8.6i y, posiblemente otras versiones, permite a usuarios remotos autenticados provocar una denegación de servicio (agotamiento de CPU) mediante un valor largo en los parámetros (1) graph_start o (2) graph_end. • http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0074.html •
CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 0CVE-2007-3113
https://notcve.org/view.php?id=CVE-2007-3113
07 Jun 2007 — Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_height or (2) graph_width parameter, different vectors than CVE-2007-3112. Cacti versión 0.8.6i, y posiblemente otras versiones, permite a usuarios remotos autenticados causar una denegación de servicio (consumo de CPU) por medio de un valor largo de un parámetro (1) graph_height o (2) graph_width, vectores diferentes de CVE-2007-3112. • http://bugs.cacti.net/view.php?id=955 •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2006-6799
https://notcve.org/view.php?id=CVE-2006-6799
28 Dec 2006 — SQL injection vulnerability in Cacti 0.8.6i and earlier, when register_argc_argv is enabled, allows remote attackers to execute arbitrary SQL commands via the (1) second or (2) third arguments to cmd.php. NOTE: this issue can be leveraged to execute arbitrary commands since the SQL query results are later used in the polling_items array and popen function. Vulnerabilidad de inyección SQL en Cacti 0.8.6i y anteriores, cuando register_argc_argv está activado, permite a atacantes remotos ejecutar comandos SQL ... • http://secunia.com/advisories/23528 •
CVSS: 9.8EPSS: 10%CPEs: 8EXPL: 6CVE-2006-0146 – Simplog 0.9.2 - 's' Remote Command Execution
https://notcve.org/view.php?id=CVE-2006-0146
09 Jan 2006 — The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter. • https://www.exploit-db.com/exploits/1663 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 3%CPEs: 7EXPL: 5CVE-2006-0147 – Simplog 0.9.2 - 's' Remote Command Execution
https://notcve.org/view.php?id=CVE-2006-0147
09 Jan 2006 — Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo. • https://www.exploit-db.com/exploits/1663 •
CVSS: 9.8EPSS: 2%CPEs: 15EXPL: 0CVE-2005-2148
https://notcve.org/view.php?id=CVE-2005-2148
06 Jul 2005 — Cacti 0.8.6e and earlier does not perform proper input validation to protect against common attacks, which allows remote attackers to execute arbitrary commands or SQL by sending a legitimate value in a POST request or cookie, then specifying the attack string in the URL, which causes the get_request_var function to return the wrong value in the $_REQUEST variable, which is cleansed while the original malicious $_GET value remains unmodified, as demonstrated in (1) graph_image.php and (2) graph.php. • http://secunia.com/advisories/15490 •