Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection (SQLi) vulnerability within the SNMP Notification Receivers feature in the file `���managers.php���`. An authenticated attacker with the ���Settings/Utilities��� permission can send a crafted HTTP GET request to the endpoint `���/cacti/managers.php���` with an SQLi payload in the `���s ...