Mandriva Linux Security Advisory 2012-010 - SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter. Various vulnerabilities were discovered and fixed in the 0.8.7i version. The updated packages provide the latest 0.8.7i version which is not affected by these issues.
ca005370434a3ce2a2f63974ceafe2b1f737775c275eb674e89cd20ea2c2c927