7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
81.3%
The Cacti Group, Inc. reports:
Important Security Fixes
Multiple XSS and SQL injection vulnerabilities
CVE-2015-4634 - SQL injection in graphs.php
Changelog
bug: Fixed various SQL Injection vectors
bug#0002574: SQL Injection Vulnerabilities in graph items and
graph template items
bug#0002577: CVE-2015-4634 - SQL injection in graphs.php
bug#0002579: SQL Injection Vulnerabilities in data sources
bug#0002580: SQL Injection in cdef.php
bug#0002582: SQL Injection in data_templates.php
bug#0002583: SQL Injection in graph_templates.php
bug#0002584: SQL Injection in host_templates.php