Download
| Alert*
oval:org.secpod.oval:def:63408
The host is installed with Cacti before 1.2.11 and is prone to a cross-site request forgery vulnerability. A flaw is present in the application, which fails to handle auth_profile.php?action=edit page. Successful exploitation could allow an attacker to change admin email address. oval:org.secpod.oval:def:118309 Cacti is a complete frontend to RRDTool. It stores all of the necessary information to create graphs and populate them with data in a MySQL database. The frontend is completely PHP driven. oval:org.secpod.oval:def:118317 Spine is a supplemental poller for Cacti that makes use of pthreads to achieve excellent performance. oval:org.secpod.oval:def:118318 Cacti is a complete frontend to RRDTool. It stores all of the necessary information to create graphs and populate them with data in a MySQL database. The frontend is completely PHP driven. oval:org.secpod.oval:def:118314 Spine is a supplemental poller for Cacti that makes use of pthreads to achieve excellent performance. oval:org.secpod.oval:def:2003994 In Cacti before 1.2.11, auth_profile.php?action=edit allows CSRF for an admin email change. |