Vulnerabilities > THE Cacti Group > Cacti > 0.6.8a
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-06-22 | CVE-2005-1526 | Remote File Include vulnerability in RaXnet Cacti Config_Settings.PHP PHP remote file inclusion vulnerability in config_settings.php in Cacti before 0.8.6e allows remote attackers to execute arbitrary PHP code via the config[include_path] parameter. | 7.5 |
| 2005-06-22 | CVE-2005-1525 | SQL Injection vulnerability in RaXnet Cacti SQL injection vulnerability in config_settings.php for Cacti before 0.8.6e allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2005-06-22 | CVE-2005-1524 | Unspecified vulnerability in the Cacti Group Cacti PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8.6d and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the config[library_path] parameter. | 5.0 |
| 2004-08-16 | CVE-2004-1737 | SQL Injection vulnerability in RaXnet Cacti Auth_Login.PHP SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters. | 7.5 |