Lucene search

Veracode Vulnerability DatabaseVERACODE:24132

HistoryApr 10, 2020 - 12:46 a.m.

SQL Injection

2020-04-1000:46:59

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.002 Low

EPSS

Percentile

59.9%

JSON

cacti is vulnerable to SQL injection. Multiple SQL injection flaws were discovered in Cacti. An unauthenticated, or authenticated user with certain administrative privileges, could use these flaws to execute arbitrary SQL queries.

CPENameOperatorVersion
python-psycopg2eq2.0.6__1.el5ipa
python-psycopg2eq2.0.6__1.el5ipa

CPE	Name	Operator	Version
	python-psycopg2	eq	2.0.6__1.el5ipa
	python-psycopg2	eq	2.0.6__1.el5ipa

References

php-security.org/2010/05/13/mops-2010-023-cacti-graph-viewer-sql-injection-vulnerability/index.html

secunia.com/advisories/41041

www.cacti.net/changelog.php

www.debian.org/security/2010/dsa-2060

www.redhat.com/security/updates/classification/#important

www.vupen.com/english/advisories/2010/2132

access.redhat.com/errata/RHSA-2010:0635

rhn.redhat.com/errata/RHSA-2010-0635.html

0.002 Low

EPSS

Percentile

59.9%

JSON

Related for VERACODE:24132