Debian Linux Security Advisory 3295-1 - Several vulnerabilities (cross-site scripting and SQL injection) have been discovered in Cacti, a web interface for graphing of monitoring systems.
d2270ddee10b79388cb859232c9460813be0e3e20d67218545961d4dc00d0b4f
Cacti versions prior to 0.8.8d suffer from remote SQL injection and header injection vulnerabilities.
3e823ac472067243035504e5783afe8875d2bc6dade55e315ed703166b3ea9b8