CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2007-6035
https://notcve.org/view.php?id=CVE-2007-6035
SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter. Una vulnerabilidad de inyección SQL en el archivo graph.php en Cacti versiones anteriores a 0.8.7a, permite a atacantes remotos ejecutar comandos SQL arbitrarios por medio del parámetro local_graph_id. • http://bugs.gentoo.org/show_bug.cgi?id=199509 http://secunia.com/advisories/27719 http://secunia.com/advisories/27745 http://secunia.com/advisories/27756 http://secunia.com/advisories/27891 http://secunia.com/advisories/27950 http://security.gentoo.org/glsa/glsa-200712-02.xml http://www.cacti.net/release_notes_0_8_7a.php http://www.debian.org/security/2007/dsa-1418 http://www.mandriva.com/security/advisories?name=MDKSA-2007:231 http://www.novell.com/linux/secur • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 10%CPEs: 1EXPL: 0CVE-2007-3112
https://notcve.org/view.php?id=CVE-2007-3112
graph_image.php in Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_start or (2) graph_end parameter, different vectors than CVE-2007-3113. Cacti 0.8.6i y, posiblemente otras versiones, permite a usuarios remotos autenticados provocar una denegación de servicio (agotamiento de CPU) mediante un valor largo en los parámetros (1) graph_start o (2) graph_end. • http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0074.html http://bugs.cacti.net/view.php?id=955 http://fedoranews.org/updates/FEDORA-2007-219.shtml http://mdessus.free.fr/?p=15 http://osvdb.org/37019 http://secunia.com/advisories/25557 http://secunia.com/advisories/26872 http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956 http://www.mandriva.com/security/advisories?name=MDKSA-2007:184 https: •
CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 0CVE-2007-3113
https://notcve.org/view.php?id=CVE-2007-3113
Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_height or (2) graph_width parameter, different vectors than CVE-2007-3112. Cacti versión 0.8.6i, y posiblemente otras versiones, permite a usuarios remotos autenticados causar una denegación de servicio (consumo de CPU) por medio de un valor largo de un parámetro (1) graph_height o (2) graph_width, vectores diferentes de CVE-2007-3112. • http://bugs.cacti.net/view.php?id=955 http://fedoranews.org/updates/FEDORA-2007-219.shtml http://mdessus.free.fr/?p=15 http://osvdb.org/37019 http://secunia.com/advisories/25557 http://secunia.com/advisories/26872 http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956 http://www.mandriva.com/security/advisories?name=MDKSA-2007:184 https://bugzilla.redhat.com/show_bug.cgi? •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2006-6799
https://notcve.org/view.php?id=CVE-2006-6799
SQL injection vulnerability in Cacti 0.8.6i and earlier, when register_argc_argv is enabled, allows remote attackers to execute arbitrary SQL commands via the (1) second or (2) third arguments to cmd.php. NOTE: this issue can be leveraged to execute arbitrary commands since the SQL query results are later used in the polling_items array and popen function. Vulnerabilidad de inyección SQL en Cacti 0.8.6i y anteriores, cuando register_argc_argv está activado, permite a atacantes remotos ejecutar comandos SQL de su elección a través de los argumentos (1) segundo o (2) tercero de cmd.php. NOTA: este problema puede ser aprovechado para ejecutar comandos de su elección puesto que los resultados de la consulta SQL son utilizados posteriormente en el array polling_items y la función popen. • http://secunia.com/advisories/23528 http://secunia.com/advisories/23665 http://secunia.com/advisories/23917 http://secunia.com/advisories/23941 http://security.gentoo.org/glsa/glsa-200701-23.xml http://securitytracker.com/id?1017451 http://www.cacti.net/release_notes_0_8_6j.php http://www.debian.org/security/2007/dsa-1250 http://www.mandriva.com/security/advisories?name=MDKSA-2007:015 http://www.novell.com/linux/security/advisories/2007_07_cacti.html http://www.ope •
CVSS: 7.5EPSS: 3%CPEs: 15EXPL: 0CVE-2005-2148
https://notcve.org/view.php?id=CVE-2005-2148
Cacti 0.8.6e and earlier does not perform proper input validation to protect against common attacks, which allows remote attackers to execute arbitrary commands or SQL by sending a legitimate value in a POST request or cookie, then specifying the attack string in the URL, which causes the get_request_var function to return the wrong value in the $_REQUEST variable, which is cleansed while the original malicious $_GET value remains unmodified, as demonstrated in (1) graph_image.php and (2) graph.php. • http://secunia.com/advisories/15490 http://securitytracker.com/id?1014361 http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1 http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch http://www.debian.org/security/2005/dsa-764 http://www.hardened-php.net/advisory-032005.php http://www.hardened-php.net/advisory-042005.php http://www.securityfocus.com/archive/1/404047/30/30/threaded http://www.secu •