what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

Cacti 1.2.8 Authenticated Remote Code Execution
Posted Feb 26, 2020
Authored by Askar

Cacti version 1.2.8 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-8813
MD5 | 3131b5c154b2f3713e2859a12a1e81ad

Related Files

Gentoo Linux Security Advisory 202101-31
Posted Jan 27, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202101-31 - A vulnerability in Cacti could lead to remote code execution. Versions less than 1.2.16-r1 are affected.

tags | advisory, remote, code execution
systems | linux, gentoo
advisories | CVE-2020-35701
MD5 | 77d87135ba76d519c7d1a4528737532b
Gentoo Linux Security Advisory 202007-03
Posted Jul 27, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-3 - Multiple vulnerabilities have been found in Cacti, the worst of which could result in the arbitrary execution of code. Versions less than 1.2.13 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-11022, CVE-2020-11023, CVE-2020-14295
MD5 | d29dd3a48dd75205f6082fcb232dbfad
Gentoo Linux Security Advisory 202004-16
Posted May 1, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202004-16 - Multiple vulnerabilities have been found in Cacti, the worst of which could result in the arbitrary execution of code. Versions less than 1.2.11 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-8813
MD5 | a86f78768fb05165978d9ef7b8b3b54a
Gentoo Linux Security Advisory 202003-40
Posted Mar 19, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-40 - Multiple vulnerabilities have been found in Cacti, the worst of which could lead to the remote execution of arbitrary code. Versions less than 1.2.9 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2019-16723, CVE-2019-17357, CVE-2019-17358, CVE-2020-7106, CVE-2020-7237
MD5 | 37ff622a190e0e5aad677e4ea1da840d
Cacti 1.2.8 Unauthenticated Remote Code Execution
Posted Mar 2, 2020
Authored by Lucas Amorim | Site metasploit.com

graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie if a guest user has the graph real-time privilege.

tags | exploit, remote, arbitrary, shell, php
advisories | CVE-2020-8813
MD5 | e3413f767022b61c38a8008949f806d6
Cacti 1.2.8 Unauthenticated Remote Code Execution
Posted Feb 26, 2020
Authored by Askar

Cacti version 1.2.8 suffers from an unauthenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-8813
MD5 | e7532209471bf71937075692ec45d1c0
Debian Security Advisory 4604-1
Posted Jan 19, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4604-1 - Multiple issues have been found in cacti, a server monitoring system, potentially resulting in SQL code execution or information disclosure by authenticated users.

tags | advisory, code execution, info disclosure
systems | linux, debian
advisories | CVE-2019-16723, CVE-2019-17357, CVE-2019-17358
MD5 | 19ed4d84151d8d8d569b2ebabf448f5a
Gentoo Linux Security Advisory 201711-10
Posted Nov 13, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201711-10 - Multiple vulnerabilities have been found in Cacti, the worst of which could lead to the remote execution of arbitrary code. Versions less than 1.1.20:1.1.20 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-4000, CVE-2016-2313, CVE-2017-12065
MD5 | d56b7c61d4bb4a943eac7740c0966649
Cacti 0.8.8g SQL Injection
Posted Apr 5, 2016
Authored by Xiaotian Wang

Cacti versions 0.8.8g and below remote SQL injection exploit.

tags | exploit, remote, sql injection
advisories | CVE-2016-3659
MD5 | 819ef3ca9e6d150e04369787beb730e7
Debian Security Advisory 3494-1
Posted Feb 29, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3494-1 - Two SQL injection vulnerabilities were discovered in cacti, a web interface for graphing of monitoring systems. Specially crafted input can be used by an attacker in parameters of the graphs_new.php script to execute arbitrary SQL commands on the database.

tags | advisory, web, arbitrary, php, vulnerability, sql injection
systems | linux, debian
advisories | CVE-2015-8377, CVE-2015-8604
MD5 | 942caef3451e252db49882c58230b063
Cacti 0.8.8f graphs_new.php SQL Injection
Posted Jan 9, 2016
Authored by changzhao.mao

Cacti versions 0.8.8f and below suffer from a remote SQL injection vulnerability in graphs_new.php.

tags | exploit, remote, php, sql injection
advisories | CVE-2015-8604
MD5 | b15db17cc4afad406f9f6ccbfd5cba0f
Debian Security Advisory 3423-1
Posted Dec 17, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3423-1 - Several SQL injection vulnerabilities have been discovered in Cacti, an RRDTool frontend written in PHP. Specially crafted input can be used by an attacker in the rra_id value of the graph.php script to execute arbitrary SQL commands on the database.

tags | advisory, arbitrary, php, vulnerability, sql injection
systems | linux, debian
advisories | CVE-2015-8369
MD5 | 59618c08f274593c2e35cad61f6ad52a
Cacti 0.8.8f SQL Injection
Posted Dec 9, 2015
Authored by changzhao.mao

Cacti versions 0.8.8f and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2015-8369
MD5 | da58d64925e42ef8d1daf114845be6c4
Gentoo Linux Security Advisory 201509-03
Posted Sep 25, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201509-3 - Multiple vulnerabilities have been found in Cacti, the worst of which could lead to arbitrary code execution. Versions less than 0.8.8d are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2014-2326, CVE-2014-2327, CVE-2014-2328, CVE-2014-2708, CVE-2014-2709, CVE-2014-4002, CVE-2014-5025, CVE-2014-5026, CVE-2015-2967
MD5 | 96c2eb620e7e68c5ae40b923b9102215
Debian Security Advisory 3312-1
Posted Jul 22, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3312-1 - Multiple SQL injection vulnerabilities were discovered in cacti, a web interface for graphing of monitoring systems.

tags | advisory, web, vulnerability, sql injection
systems | linux, debian
advisories | CVE-2015-4634
MD5 | 8937e786a9e69e49fbc25f80d275e8af
Debian Security Advisory 3295-1
Posted Jun 25, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3295-1 - Several vulnerabilities (cross-site scripting and SQL injection) have been discovered in Cacti, a web interface for graphing of monitoring systems.

tags | advisory, web, vulnerability, xss, sql injection
systems | linux, debian
advisories | CVE-2015-2665, CVE-2015-4342, CVE-2015-4454
MD5 | 54ed0813f906e7adda519b1f61589d99
Cacti SQL Injection / Header Injection
Posted Jun 9, 2015
Authored by unhex

Cacti versions prior to 0.8.8d suffer from remote SQL injection and header injection vulnerabilities.

tags | advisory, remote, vulnerability, sql injection
advisories | CVE-2015-4342
MD5 | deea2ea05a07d3a12b84fd1b56bb35f2
Cacti Superlinks 1.4-2 Code Execution / LFI / SQL Injection
Posted Dec 20, 2014
Authored by Wireghoul

Cacti Superlinks version 1.4-2 suffers from code execution via local file inclusion, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, sql injection, file inclusion
advisories | CVE-2014-4644
MD5 | e9b1d0f447cd3fb2c12705fe250b0523
Debian Security Advisory 3007-1
Posted Aug 20, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3007-1 - Multiple security issues (cross-site scripting, missing input sanitising and SQL injection) have been discovered in Cacti, a web interface for graphing of monitoring systems.

tags | advisory, web, xss, sql injection
systems | linux, debian
advisories | CVE-2014-5025, CVE-2014-5026, CVE-2014-5027, CVE-2014-5261, CVE-2014-5262
MD5 | eaa5786563743cbdff4cab2dd5bf6063
Debian Security Advisory 2970-1
Posted Jun 30, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2970-1 - Multiple security issues (cross-site scripting, cross-site request forgery, SQL injections, missing input sanitising) have been found in Cacti, a web frontend for RRDTool.

tags | advisory, web, xss, sql injection, csrf
systems | linux, debian
advisories | CVE-2014-2326, CVE-2014-2327, CVE-2014-2328, CVE-2014-2708, CVE-2014-2709, CVE-2014-4002
MD5 | a69ad988e27a650486aa3345c952d3a2
Deutsche Telekom CERT Advisory DTC-A-20140324-001
Posted Mar 25, 2014
Authored by Deutsche Telekom CERT

Cacti version 0.8.7g suffers from stored cross site scripting, cross site request forgery, and possible command execution vulnerabilities.

tags | advisory, vulnerability, xss, csrf
advisories | CVE-2014-2326, CVE-2014-2327, CVE-2014-2328
MD5 | b90504d3938e1a80d5ce55fa8505ce0e
Gentoo Linux Security Advisory 201401-20
Posted Jan 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201401-20 - Multiple vulnerabilities have been found in Cacti, allowing attackers to execute arbitrary code or perform XSS attacks. Versions less than 0.8.8b are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-1644, CVE-2010-1645, CVE-2010-2092, CVE-2010-2543, CVE-2010-2544, CVE-2010-2545, CVE-2013-1434, CVE-2013-1435
MD5 | 4b317b9124117a7eac98f03a98efeb9c
Mandriva Linux Security Advisory 2013-228
Posted Sep 10, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-228 - Multiple cross-site scripting vulnerabilities in Cacti 0.8.8b and earlier allow remote attackers to inject arbitrary web script or HTML via the id parameter to cacti/host.php. SQL injection vulnerability in cacti/host.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. The updated packages have been patched to correct these issues.

tags | advisory, remote, web, arbitrary, php, vulnerability, xss, sql injection
systems | linux, mandriva
advisories | CVE-2013-5588, CVE-2013-5589
MD5 | bba52010bb16b1de58492d1e337b2dbe
HP SiteScope Remote Code Execution
Posted Sep 9, 2013
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module exploits a code execution flaw in HP SiteScope. The vulnerability exists on the opcactivate.vbs script, which is reachable from the APIBSMIntegrationImpl AXIS service, and uses WScript.Shell.run() to execute cmd.exe with user provided data. Note which the opcactivate.vbs component is installed with the (optional) HP Operations Agent component. The module has been tested successfully on HP SiteScope 11.20 (with HP Operations Agent) over Windows 2003 SP2.

tags | exploit, shell, code execution
systems | windows
advisories | CVE-2013-2367, OSVDB-95824
MD5 | 54e615e8ccdc8c83cefabd5dc954b93a
Debian Security Advisory 2747-1
Posted Aug 31, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2747-1 - Two vulnerabilities were discovered in Cacti, a web interface for graphing of monitoring systems.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2013-5588, CVE-2013-5589
MD5 | 2529d2bb29e016c50d57268145a966ce
Page 1 of 4
Back1234Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    2 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    15 Files
  • 20
    Oct 20th
    20 Files
  • 21
    Oct 21st
    12 Files
  • 22
    Oct 22nd
    14 Files
  • 23
    Oct 23rd
    3 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    33 Files
  • 26
    Oct 26th
    27 Files
  • 27
    Oct 27th
    6 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close