cacti is vulnerable to SQL injection. Multiple SQL injection flaws were discovered in Cacti. An unauthenticated, or authenticated user with certain administrative privileges, could use these flaws to execute arbitrary SQL queries.
CPE | Name | Operator | Version |
---|---|---|---|
python-psycopg2 | eq | 2.0.6__1.el5ipa | |
python-psycopg2 | eq | 2.0.6__1.el5ipa |
php-security.org/2010/05/13/mops-2010-023-cacti-graph-viewer-sql-injection-vulnerability/index.html
secunia.com/advisories/41041
www.cacti.net/changelog.php
www.debian.org/security/2010/dsa-2060
www.redhat.com/security/updates/classification/#important
www.vupen.com/english/advisories/2010/2132
access.redhat.com/errata/RHSA-2010:0635
rhn.redhat.com/errata/RHSA-2010-0635.html