FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

cacti -- SQL injection vulnerabilities

Affected packages
cacti <= 0.8.8f_1

Details

VuXML ID bb961ff3-b3a4-11e5-8255-5453ed2e2b49
Discovery 2015-12-05
Entry 2016-01-05

NVD reports:

SQL injection vulnerability in include/top_graph_header.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rra_id parameter in a properties action to graph.php.

[source]

References

CVE Name CVE-2015-8369
Message http://seclists.org/fulldisclosure/2015/Dec/8
URL http://bugs.cacti.net/view.php?id=2646
URL http://svn.cacti.net/viewvc?view=rev&revision=7767

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.