Download
| Alert*
oval:org.secpod.oval:def:1800714
CVE-2017-10970: Cross-site scripting vulnerability in link.php in Cacti 1.1.12 allows remote anonymous users to inject arbitrary web script or HTML via the id parameter, related to the die_html_input_error function in lib/html_validate.php. oval:org.secpod.oval:def:56025 The host is installed with Cacti version 1.1.12 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to handle the issue in link.php component. Successful exploitation allows remote authenticated attackers to inject arbitrary web script or HTML via ... oval:org.secpod.oval:def:112614 Cacti is a complete frontend to RRDTool. It stores all of the necessary information to create graphs and populate them with data in a MySQL database. The frontend is completely PHP driven. oval:org.secpod.oval:def:112797 Cacti is a complete frontend to RRDTool. It stores all of the necessary information to create graphs and populate them with data in a MySQL database. The frontend is completely PHP driven. oval:org.secpod.oval:def:1600749 spikekill.php in Cacti before 1.1.16 might allow remote attackers to execute arbitrary code via the avgnan, outlier-start, or outlier-end parameter. Cross-site scripting vulnerability in aggregate_graphs.php in Cacti before 1.1.16 allows remote authenticated users to inject arbitrary web script or ... oval:org.secpod.oval:def:112613 Cacti is a complete frontend to RRDTool. It stores all of the necessary information to create graphs and populate them with data in a MySQL database. The frontend is completely PHP driven. |