Debian Linux Security Advisory 3494-1 - Two SQL injection vulnerabilities were discovered in cacti, a web interface for graphing of monitoring systems. Specially crafted input can be used by an attacker in parameters of the graphs_new.php script to execute arbitrary SQL commands on the database.
97808cf3529875d4bcd54cfdad0de8a01c508d89587d889ac02eab545d374b0b