Ubuntu Security Notice 6720-1 - Kentaro Kawane discovered that Cacti incorrectly handled user provided input sent through request parameters to the graph_view.php script. A remote authenticated attacker could use this issue to perform SQL injection attacks.
72a1060cc659927cdff0d3fabd91138203688e06b807e728473d37ed3e99a9d3
Debian Linux Security Advisory 5550-1 - Multiple security vulnerabilities have been discovered in Cacti, a web interface for graphing of monitoring systems, which could result in cross-site scripting, SQL injection, an open redirect or command injection.
7a7f9ca4bb5abfa98cf53aa0ca9aa66f7e866e296a2de95a9bff10d7bbd41b98