Vulnerabilities > Cacti > Cacti > 0.8.6e

DATE CVE VULNERABILITY TITLE RISK
2010-05-04 CVE-2010-1431 SQL Injection vulnerability in Cacti
SQL injection vulnerability in templates_export.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the export_item_id parameter.
network
low complexity
cacti CWE-89
7.5
7.5
2009-11-30 CVE-2009-4112 Permissions, Privileges, and Access Controls vulnerability in Cacti
Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands.
network
low complexity
cacti CWE-264
critical
 9.0
9.0
2007-11-20 CVE-2007-6035 SQL Injection vulnerability in Cacti
SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter.
network
low complexity
cacti CWE-89
7.5
7.5