The host is installed with Cacti before 1.2.25 and is prone to an SQL injection vulnerability. A flaw is present in the application, which fails to handle the Cacti Regular Expression validation combined with the external links feature. Successful exploitation allows attackers to cause SQL injections and subsequent data leakage.