Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the (1) graph_list parameter to graph_view.php, (2) leaf_id and id parameters to tree.php, (3) local_graph_id parameter to graph_xport.php, and (4) login_username parameter to index.php/login.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2008-02-14T22:00:00
Updated: 2024-08-07T08:01:39.011Z
Reserved: 2008-02-14T00:00:00
Link: CVE-2008-0785
Vulnrichment
No data.
NVD
Status : Modified
Published: 2008-02-14T23:00:00.000
Modified: 2024-11-21T00:42:54.333
Link: CVE-2008-0785
Redhat
No data.