Vulnerabilities > Cacti > High

DATE CVE VULNERABILITY TITLE RISK
2023-12-22 CVE-2023-49085 SQL Injection vulnerability in Cacti
Cacti provides an operational monitoring and fault management framework.
network
low complexity
cacti CWE-89
8.8
8.8
2023-12-22 CVE-2023-51448 SQL Injection vulnerability in Cacti 1.2.25
Cacti provides an operational monitoring and fault management framework.
network
low complexity
cacti CWE-89
8.8
8.8
2023-12-21 CVE-2023-49084 PHP Remote File Inclusion vulnerability in Cacti 1.2.25
Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB).
network
low complexity
cacti CWE-98
8.8
8.8
2023-09-05 CVE-2023-31132 Missing Authentication for Critical Function vulnerability in Cacti
Cacti is an open source operational monitoring and fault management framework.
local
low complexity
cacti CWE-306
7.8
7.8
2023-09-05 CVE-2023-39357 SQL Injection vulnerability in multiple products
Cacti is an open source operational monitoring and fault management framework.
network
low complexity
cacti fedoraproject CWE-89
8.8
8.8
2023-09-05 CVE-2023-39358 SQL Injection vulnerability in multiple products
Cacti is an open source operational monitoring and fault management framework.
network
low complexity
cacti fedoraproject CWE-89
8.8
8.8
2023-09-05 CVE-2023-39362 OS Command Injection vulnerability in multiple products
Cacti is an open source operational monitoring and fault management framework.
network
low complexity
cacti fedoraproject CWE-78
7.2
7.2
2023-09-05 CVE-2023-39359 SQL Injection vulnerability in multiple products
Cacti is an open source operational monitoring and fault management framework.
network
low complexity
cacti fedoraproject CWE-89
8.8
8.8
2023-08-10 CVE-2023-37543 Authorization Bypass Through User-Controlled Key vulnerability in Cacti
Cacti before 1.2.6 allows IDOR (Insecure Direct Object Reference) for accessing any graph via a modified local_graph_id parameter to graph_xport.php.
network
low complexity
cacti CWE-639
7.5
7.5
2021-01-11 CVE-2020-35701 SQL Injection vulnerability in multiple products
An issue was discovered in Cacti 1.2.x through 1.2.16.
network
low complexity
cacti fedoraproject CWE-89
8.8
8.8