Vulnerabilities > Cacti > High

DATE CVE VULNERABILITY TITLE RISK
2016-04-11 CVE-2015-8604 SQL Injection vulnerability in Cacti
SQL injection vulnerability in the host_new_graphs function in graphs_new.php in Cacti 0.8.8f and earlier allows remote authenticated users to execute arbitrary SQL commands via the cg_g parameter in a save action.
network
low complexity
cacti CWE-89
8.8
2016-04-11 CVE-2016-3659 SQL Injection vulnerability in Cacti
SQL injection vulnerability in graph_view.php in Cacti 0.8.8.g allows remote authenticated users to execute arbitrary SQL commands via the host_group_data parameter.
network
low complexity
cacti CWE-89
8.8