CVSS: 7.5EPSS: 0%CPEs: 37EXPL: 1CVE-2010-2092 – cacti: graph.php rra_id SQL injection vulnerability (MOPS-2010-023)
https://notcve.org/view.php?id=CVE-2010-2092
SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via a crafted rra_id parameter in a GET request in conjunction with a valid rra_id value in a POST request or a cookie, which causes the POST or cookie value to bypass the validation routine, but inserts the $_GET value into the resulting query. Vulnerabilidad de inyección SQL en graph.php en Cacti v0.8.7e y anteriores permite a atacntes remotos ejecutar comandos SQL de su elección a través del parámetro rra_id en una petición GET en conjunción con un valor rra_id válido en una petición POST o una cooki, que supera la rutina de validación. • http://php-security.org/2010/05/13/mops-2010-023-cacti-graph-viewer-sql-injection-vulnerability/index.html http://secunia.com/advisories/41041 http://www.cacti.net/changelog.php http://www.debian.org/security/2010/dsa-2060 http://www.vupen.com/english/advisories/2010/2132 https://rhn.redhat.com/errata/RHSA-2010-0635.html https://access.redhat.com/security/cve/CVE-2010-2092 https://bugzilla.redhat.com/show_bug.cgi?id=609076 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 37EXPL: 1CVE-2010-1431 – Cacti 0.8.7e - SQL Injection
https://notcve.org/view.php?id=CVE-2010-1431
SQL injection vulnerability in templates_export.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the export_item_id parameter. Vulnerabilidad de inyección SQL en templates_export.php en Cacti v0.8.7e y anteriores permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro export_item_id. • https://www.exploit-db.com/exploits/12338 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578909 http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html http://seclists.org/fulldisclosure/2010/Apr/272 http://secunia.com/advisories/39568 http://secunia.com/advisories/39572 http://secunia.com/advisories/41041 http://www.cacti.net/downloads/patches/0.8.7e/sql_injection_template_export.patch http://www.debian.org/security/2010/dsa-2039 http://www.exploit-d • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 5%CPEs: 16EXPL: 3CVE-2009-4112 – Joomla! Component ProofReader 1.0 RC9 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-4112
Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands. Cacti v0.8.7e y anteriores permite a administradores remotos autenticados obtener privilegios modificando el "Data Input Method" (método de entrada de datos) para la opción "Linux - Get Memory Usage" (Linux - obtener utilización de la memoria) para contener comandos de su elección. • https://www.exploit-db.com/exploits/33377 http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0292.html http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html http://www.openwall.com/lists/oss-security/2009/11/26/1 http://www.openwall.com&#x • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 2%CPEs: 1EXPL: 2CVE-2009-4032 – Cacti 0.8.x - 'graph.php' Multiple Cross-Site Scripting Vulnerabilities
https://notcve.org/view.php?id=CVE-2009-4032
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7e allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) graph.php, (2) include/top_graph_header.php, (3) lib/html_form.php, and (4) lib/timespan_settings.php, as demonstrated by the (a) graph_end or (b) graph_start parameters to graph.php; (c) the date1 parameter in a tree action to graph_view.php; and the (d) page_refresh and (e) default_dual_pane_width parameters to graph_settings.php. Múltiples vulnerabilidades de XSS en Cacti 0.8.7e permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a través de vectores relacionados con (1) graph.php, (2) include/top_graph_header.php, (3) lib/html_form.php y (4) lib/timespan_settings.php, como es demostrado por los parámetros (a) graph_end o (b) graph_start a graph.php; (c) el parámetro date1 en una acción tree a graph_view.php; y los parámetros (d) page_refresh y (e) default_dual_pane_width a graph_settings.php. Cacti versions 0.8.7e and below suffer from cross site scripting and privilege escalation vulnerabilities. • https://www.exploit-db.com/exploits/33374 https://www.exploit-db.com/exploits/10234 http://archives.neohapsis.com/archives/fulldisclosure/2009-11/0292.html http://bugs.gentoo.org/show_bug.cgi?id=294573 http://docs.cacti.net/#cross-site_scripting_fixes http://jvn.jp/en/jp/JVN09758120/index.html http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-003901.html http://secunia.com/advisories/37481 http://secunia.com/advisories/37934 http://secunia.com/advisories/38087 http: • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 1%CPEs: 16EXPL: 3CVE-2008-0783 – Cacti 0.8.7 - 'graph_view.php?filter' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2008-0783
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to inject arbitrary web script or HTML via (1) the view_type parameter to graph.php; (2) the filter parameter to graph_view.php; (3) the action parameter to the draw_navigation_text function in lib/functions.php, reachable through index.php (aka the login page) or data_input.php; or (4) the login_username parameter to index.php. Múltiples vulnerabilidades de tipo cross-site scripting (XSS) en Cacti versión 0.8.7 anterior a 0.8.7b y versión 0.8.6 anterior a 0.8.6k, permiten a los atacantes remotos inyectar script web o HTML arbitrario por medio de (1) el parámetro view_type en el archivo graph.php; (2) el parámetro filter en el archivo graph_view.php; (3) el parámetro action en la función draw_navigation_text en el archivo lib/functions.php, accesible por medio del archivo index.php (también conocido como la página de inicio de sesión) o el archivo data_input.php; o (4) el parámetro login_username en el archivo index.php. • https://www.exploit-db.com/exploits/31158 https://www.exploit-db.com/exploits/31157 http://bugs.cacti.net/view.php?id=1245 http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html http://secunia.com/advisories/28872 http://secunia.com/advisories/28976 http://secunia.com/advisories/29242 http://secunia.com/advisories/29274 http://secunia.com/advisories/30045 http://security.gentoo.org/glsa/glsa-200803-18.xml http://securityreason.com/securityalert/3657 http&# • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •