Vulnerabilities > Cacti > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-21 | CVE-2023-49084 | Unspecified vulnerability in Cacti 1.2.25 Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). | 8.8 |
2023-09-05 | CVE-2023-31132 | Unspecified vulnerability in Cacti Cacti is an open source operational monitoring and fault management framework. | 7.8 |
2023-09-05 | CVE-2023-39357 | Cacti is an open source operational monitoring and fault management framework. | 8.8 |
2023-09-05 | CVE-2023-39358 | Cacti is an open source operational monitoring and fault management framework. | 8.8 |
2023-09-05 | CVE-2023-39362 | Cacti is an open source operational monitoring and fault management framework. | 7.2 |
2023-09-05 | CVE-2023-39359 | Cacti is an open source operational monitoring and fault management framework. | 8.8 |
2023-08-10 | CVE-2023-37543 | Authorization Bypass Through User-Controlled Key vulnerability in Cacti Cacti before 1.2.6 allows IDOR (Insecure Direct Object Reference) for accessing any graph via a modified local_graph_id parameter to graph_xport.php. | 7.5 |
2021-01-11 | CVE-2020-35701 | SQL Injection vulnerability in multiple products An issue was discovered in Cacti 1.2.x through 1.2.16. | 8.8 |
2020-06-17 | CVE-2020-14295 | SQL Injection vulnerability in multiple products A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. | 7.2 |
2020-02-22 | CVE-2020-8813 | OS Command Injection vulnerability in multiple products graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege. | 8.8 |