Download
| Alert*
oval:org.secpod.oval:def:1300037
Multiple vulnerabilities has been found and corrected in cacti: SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter . Various vulnerabilities were discovered and fixed in the 0.8.7i version . ... oval:org.secpod.oval:def:600724 It was discovered that the last security update for cacti, DSA-2384-1, introduced a regression in lenny. oval:org.secpod.oval:def:600705 Several vulnerabilities have been discovered in cacti, a graphing tool for monitoring data. Multiple cross site scripting issues allow remote attackers to inject arbitrary web script or HTML. An SQL injection vulnerability allows remote attackers to execute arbitrary SQL commands. |