This Metasploit module exploits a SQL injection vulnerability in Cacti versions 1.2.12 and below. An admin can exploit the filter variable within color.php to pull arbitrary values as well as conduct stacked queries. With stacked queries, the path_php_binary value is changed within the settings table to a payload, and an update is called to execute the payload. After calling the payload, the value is reset.
636d9fd6c79efe80bdd9f0da7f4060e559ca7cd87b6b1526a2a11e1ac747f750Gentoo Linux Security Advisory 202007-3 - Multiple vulnerabilities have been found in Cacti, the worst of which could result in the arbitrary execution of code. Versions less than 1.2.13 are affected.
b91c68deb806affd52aaef7ec8de220f22efb4b1fd563f5e4c88378a9d9c35b7Gentoo Linux Security Advisory 202004-16 - Multiple vulnerabilities have been found in Cacti, the worst of which could result in the arbitrary execution of code. Versions less than 1.2.11 are affected.
a6c29ffd3873fdfd7fee07eb84119f4e33133b4087c3065b62c2d4a43a108602Gentoo Linux Security Advisory 202003-40 - Multiple vulnerabilities have been found in Cacti, the worst of which could lead to the remote execution of arbitrary code. Versions less than 1.2.9 are affected.
18820d432372c5b6516503158ba086e9364adae96c8c9b019f11b9098c36d8e2graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie if a guest user has the graph real-time privilege.
ddfd448fc925b28a03aaba73be8f9999625bb6879802ec1b4e35f2eeef4e1d87Cacti version 1.2.8 suffers from an authenticated remote code execution vulnerability.
56cc6422c5477bd9cb39748c97408cbda4d9c2b376cadcbfd9f1e8930b549790Cacti version 1.2.8 suffers from an unauthenticated remote code execution vulnerability.
b14631bfc6fe1d158869f68e3d4b39c3a7081d27db7f6278239eea4c70b81555Debian Linux Security Advisory 4604-1 - Multiple issues have been found in cacti, a server monitoring system, potentially resulting in SQL code execution or information disclosure by authenticated users.
c836c6f62d15e9ea4276158e276f15bdd9c0fb0c16c3a9003db467b258cc2713Gentoo Linux Security Advisory 201711-10 - Multiple vulnerabilities have been found in Cacti, the worst of which could lead to the remote execution of arbitrary code. Versions less than 1.1.20:1.1.20 are affected.
97704550c4ba8ab019b2d037f4857d6a56a9554e0fa2a554f38dfe3205a6fc63Cacti versions 0.8.8g and below remote SQL injection exploit.
694fb314b7fd9974acdf0ba7228bc6585d81d00e7d0e2d855c470dd4db4fe97cDebian Linux Security Advisory 3494-1 - Two SQL injection vulnerabilities were discovered in cacti, a web interface for graphing of monitoring systems. Specially crafted input can be used by an attacker in parameters of the graphs_new.php script to execute arbitrary SQL commands on the database.
97808cf3529875d4bcd54cfdad0de8a01c508d89587d889ac02eab545d374b0bCacti versions 0.8.8f and below suffer from a remote SQL injection vulnerability in graphs_new.php.
a78b6681709c8cc20f7d107b4b963d37f859192b55999eb8a655eb58c5f6c5c4Debian Linux Security Advisory 3423-1 - Several SQL injection vulnerabilities have been discovered in Cacti, an RRDTool frontend written in PHP. Specially crafted input can be used by an attacker in the rra_id value of the graph.php script to execute arbitrary SQL commands on the database.
c27b03bedc1d4f86e3ff26013e506674b7a595b483450b54fc20acb03aa88410Cacti versions 0.8.8f and below suffer from a remote SQL injection vulnerability.
9360ec416bde873ec1d7ef3ca752240e463cf1396011ebe65a86a035905bb4a3Gentoo Linux Security Advisory 201509-3 - Multiple vulnerabilities have been found in Cacti, the worst of which could lead to arbitrary code execution. Versions less than 0.8.8d are affected.
7a4f1dbc306cb7046c88c372fc9d48510bfe0a35ebb5b4a0471b6a480296dc83Debian Linux Security Advisory 3312-1 - Multiple SQL injection vulnerabilities were discovered in cacti, a web interface for graphing of monitoring systems.
d2e58c23e61090e6a0aa8fd736ddfec8ccc03c212a55999fa01140e8ea75c1f7Debian Linux Security Advisory 3295-1 - Several vulnerabilities (cross-site scripting and SQL injection) have been discovered in Cacti, a web interface for graphing of monitoring systems.
d2270ddee10b79388cb859232c9460813be0e3e20d67218545961d4dc00d0b4fCacti versions prior to 0.8.8d suffer from remote SQL injection and header injection vulnerabilities.
3e823ac472067243035504e5783afe8875d2bc6dade55e315ed703166b3ea9b8Cacti Superlinks version 1.4-2 suffers from code execution via local file inclusion, and remote SQL injection vulnerabilities.
5a23314873f3c7b79647dafc858449285d365137abb907d03a2007a2c4bb40fdDebian Linux Security Advisory 3007-1 - Multiple security issues (cross-site scripting, missing input sanitising and SQL injection) have been discovered in Cacti, a web interface for graphing of monitoring systems.
4f0e774ab42a6d70a94103e9e8f16df9a32a25d26c01b1a17ccf40a3b0bdc588Debian Linux Security Advisory 2970-1 - Multiple security issues (cross-site scripting, cross-site request forgery, SQL injections, missing input sanitising) have been found in Cacti, a web frontend for RRDTool.
67f7c14f82e222e1693697e3659a72b9ae669ebe3fb08bb51ed5f7d72102d52eCacti version 0.8.7g suffers from stored cross site scripting, cross site request forgery, and possible command execution vulnerabilities.
a60f85a2d28f7d6505f3ecacf176ca9ddaef9f4003db247563075b71d7f4162dGentoo Linux Security Advisory 201401-20 - Multiple vulnerabilities have been found in Cacti, allowing attackers to execute arbitrary code or perform XSS attacks. Versions less than 0.8.8b are affected.
60e499dc878470aef030b4e84ae80fe629bbd4de79b08c73333effba0110f1fdMandriva Linux Security Advisory 2013-228 - Multiple cross-site scripting vulnerabilities in Cacti 0.8.8b and earlier allow remote attackers to inject arbitrary web script or HTML via the id parameter to cacti/host.php. SQL injection vulnerability in cacti/host.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. The updated packages have been patched to correct these issues.
95f155644671c729e416471b25c911bf5820a78f517686f57cbaaca0cf7aee39This Metasploit module exploits a code execution flaw in HP SiteScope. The vulnerability exists on the opcactivate.vbs script, which is reachable from the APIBSMIntegrationImpl AXIS service, and uses WScript.Shell.run() to execute cmd.exe with user provided data. Note which the opcactivate.vbs component is installed with the (optional) HP Operations Agent component. The module has been tested successfully on HP SiteScope 11.20 (with HP Operations Agent) over Windows 2003 SP2.
02888ebdda6dc97a16fcb507f825f9cfbf26bc98824bc1efc03e5b0ff9d28b2fDebian Linux Security Advisory 2747-1 - Two vulnerabilities were discovered in Cacti, a web interface for graphing of monitoring systems.
5cff70381259ac904ac31e8d328da100be3280ec8d318231c9f20a320d7da4ad
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed