The host is installed with Cacti before 1.2.27 and is prone to a SQL injection vulnerability. A flaw is present in the application, which fails to handle file inclusion issues in create_all_header_nodes function. Successful exploitation allows an attacker to modify the contents of the Cacti database.