Vulnerabilities > Cacti > Cacti > 0.8.6h

DATE CVE VULNERABILITY TITLE RISK
2009-11-30 CVE-2009-4112 Permissions, Privileges, and Access Controls vulnerability in Cacti
Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands.
network
low complexity
cacti CWE-264
critical
 9.0
9.0
2007-11-20 CVE-2007-6035 SQL Injection vulnerability in Cacti
SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter.
network
low complexity
cacti CWE-89
7.5
7.5