RSS   Vulnerabilities for 'Cacti'   RSS

2022-01-19
 
CVE-2021-23225

CWE-79
 

 
Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the "new_username" field during creation of a new user via "Copy" method at user_admin.php.

 
 
CVE-2021-26247

CWE-79
 

 
As an unauthenticated remote user, visit "http://<CACTI_SERVER>/auth_changepassword.php?ref=<script>alert(1)</script>" to successfully execute the JavaScript payload present in the "ref" URL parameter.

 
 
CVE-2021-3816

CWE-79
 

 
Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary HTML in the group_prefix field during the creation of a new group via "Copy" method at user_group_admin.php.

 
2021-11-14
 
CVE-2020-14424

CWE-79
 

 
Cacti before 1.2.18 allows remote attackers to trigger XSS via template import for the midwinter theme.

 
2021-01-11
 
CVE-2020-35701

CWE-89
 

 
An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection vulnerability in data_debug.php allows remote authenticated attackers to execute arbitrary SQL commands via the site_id parameter. This can lead to remote code execution.

 
2020-06-17
 
CVE-2020-14295

CWE-89
 

 
A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries.

 
2020-05-20
 
CVE-2020-13231

CWE-352
 

 
In Cacti before 1.2.11, auth_profile.php?action=edit allows CSRF for an admin email change.

 
 
CVE-2020-13230

CWE-281
 

 
In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs).

 
2020-02-22
 
CVE-2020-8813

CWE-78
 

 
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.

 
2020-01-21
 
CVE-2019-17357

CWE-89
 

 
Cacti through 1.2.7 is affected by a graphs.php?template_id= SQL injection vulnerability affecting how template identifiers are handled when a string and id composite value are used to identify the template type and id. An authenticated attacker can exploit this to extract data from the database, or an unauthenticated remote attacker could exploit this via Cross-Site Request Forgery.

 


Copyright 2024, cxsecurity.com

 

Back to Top