Multiple vulnerabilities has been found and corrected in cacti: SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter . Various vulnerabilities were discovered and fixed in the 0.8.7i version . The updated packages provides the latest 0.8.7i version which are not affected by these issues.