Total
118 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-23226 | 2 Cacti, Debian | 2 Cacti, Debian Linux | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Multiple Cross Site Scripting (XSS) vulneratiblities exist in Cacti 1.2.12 in (1) reports_admin.php, (2) data_queries.php, (3) data_input.php, (4) graph_templates.php, (5) graphs.php, (6) reports_admin.php, and (7) data_input.php. | |||||
CVE-2020-14424 | 1 Cacti | 1 Cacti | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Cacti before 1.2.18 allows remote attackers to trigger XSS via template import for the midwinter theme. | |||||
CVE-2020-14295 | 2 Cacti, Fedoraproject | 2 Cacti, Fedora | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries. | |||||
CVE-2020-13231 | 2 Cacti, Fedoraproject | 2 Cacti, Fedora | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
In Cacti before 1.2.11, auth_profile.php?action=edit allows CSRF for an admin email change. | |||||
CVE-2020-13230 | 3 Cacti, Debian, Fedoraproject | 3 Cacti, Debian Linux, Fedora | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs). | |||||
CVE-2019-17358 | 3 Cacti, Debian, Opensuse | 3 Cacti, Debian Linux, Leap | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
Cacti through 1.2.7 is affected by multiple instances of lib/functions.php unsafe deserialization of user-controlled data to populate arrays. An authenticated attacker could use this to influence object data values and control actions taken by Cacti or potentially cause memory corruption in the PHP module. | |||||
CVE-2019-17357 | 1 Cacti | 1 Cacti | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
Cacti through 1.2.7 is affected by a graphs.php?template_id= SQL injection vulnerability affecting how template identifiers are handled when a string and id composite value are used to identify the template type and id. An authenticated attacker can exploit this to extract data from the database, or an unauthenticated remote attacker could exploit this via Cross-Site Request Forgery. | |||||
CVE-2019-16723 | 1 Cacti | 1 Cacti | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
In Cacti through 1.2.6, authenticated users may bypass authorization checks (for viewing a graph) via a direct graph_json.php request with a modified local_graph_id parameter. | |||||
CVE-2019-11025 | 2 Cacti, Debian | 2 Cacti, Debian Linux | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
In clearFilter() in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string (SNMP Options) in the View poller cache, leading to XSS. | |||||
CVE-2018-20726 | 1 Cacti | 1 Cacti | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
A cross-site scripting (XSS) vulnerability exists in host.php (via tree.php) in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices. | |||||
CVE-2018-20725 | 1 Cacti | 1 Cacti | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
A cross-site scripting (XSS) vulnerability exists in graph_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Graph Vertical Label. | |||||
CVE-2018-20724 | 1 Cacti | 1 Cacti | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
A cross-site scripting (XSS) vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors. | |||||
CVE-2018-20723 | 1 Cacti | 1 Cacti | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
A cross-site scripting (XSS) vulnerability exists in color_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Name field for a Color. | |||||
CVE-2018-10061 | 2 Cacti, Debian | 2 Cacti, Debian Linux | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
Cacti before 1.1.37 has XSS because it makes certain htmlspecialchars calls without the ENT_QUOTES flag (these calls occur when the html_escape function in lib/html.php is not used). | |||||
CVE-2018-10060 | 2 Cacti, Debian | 2 Cacti, Debian Linux | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
Cacti before 1.1.37 has XSS because it does not properly reject unintended characters, related to use of the sanitize_uri function in lib/functions.php. | |||||
CVE-2018-10059 | 1 Cacti | 1 Cacti | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
Cacti before 1.1.37 has XSS because the get_current_page function in lib/functions.php relies on $_SERVER['PHP_SELF'] instead of $_SERVER['SCRIPT_NAME'] to determine a page name. | |||||
CVE-2017-16785 | 1 Cacti | 1 Cacti | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php. | |||||
CVE-2017-16661 | 1 Cacti | 1 Cacti | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
Cacti 1.1.27 allows remote authenticated administrators to read arbitrary files by placing the Log Path into a private directory, and then making a clog.php?filename= request, as demonstrated by filename=passwd (with a Log Path under /etc) to read /etc/passwd. | |||||
CVE-2017-16660 | 1 Cacti | 1 Cacti | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remote_agent.php request containing PHP code in a Client-ip header. | |||||
CVE-2017-16641 | 1 Cacti | 1 Cacti | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=save request to settings.php. |