Search CVE reports


Toggle filters

41 – 50 of 167 results


CVE-2024-27082

Medium priority
Needs evaluation

Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 are vulnerable to stored cross-site scripting, a type of cross-site scripting where malicious scripts are permanently...

1 affected package

cacti

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
cacti Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-25641

Medium priority

Some fixes available 4 of 5

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having...

1 affected package

cacti

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
cacti Fixed Fixed Fixed Fixed
Show less packages

CVE-2023-51448

Medium priority
Needs evaluation

Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection (SQLi) vulnerability within the SNMP Notification Receivers feature in the file `‘managers.php’`. An authenticated...

1 affected package

cacti

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
cacti Not affected Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-50250

Medium priority
Needs evaluation

Cacti is an open source operational monitoring and fault management framework. A reflection cross-site scripting vulnerability was discovered in version 1.2.25. Attackers can exploit this vulnerability to perform actions on behalf...

1 affected package

cacti

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
cacti Not affected Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-49088

Medium priority
Needs evaluation

Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a...

1 affected package

cacti

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
cacti Not affected Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-49085

Medium priority
Needs evaluation

Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the `pollers.php` script. An authorized user may be able to...

1 affected package

cacti

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
cacti Not affected Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-50569

Medium priority
Ignored

Rejected reason: DO NOT USE THIS CVE RECORD. Consult IDs: CVE-2023-50250. Reason: This record is a reservation duplicate of CVE-2023-50250. Notes: All CVE users should reference CVE-2023-50250 instead of this record....

1 affected package

cacti

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
cacti Not affected Not affected Not affected Not affected
Show less packages

CVE-2023-49086

Medium priority
Needs evaluation

Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). A vulnerability in versions prior to 1.2.27 bypasses an earlier fix for CVE-2023-39360, therefore leading to a...

1 affected package

cacti

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
cacti Not affected Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-49084

Medium priority
Needs evaluation

Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). While using the detected SQL Injection and insufficient processing of the include file path, it is possible to...

1 affected package

cacti

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
cacti Not affected Not affected Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2023-46490

Medium priority
Needs evaluation

SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the form_actions() function in the managers.php function.

1 affected package

cacti

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
cacti Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages