High severity8.8NVD Advisory· Published Apr 12, 2016· Updated Jun 17, 2026
CVE-2016-3172
CVE-2016-3172
Description
SQL injection vulnerability in tree.php in Cacti 0.8.8g and earlier allows remote authenticated users to execute arbitrary SQL commands via the parent_id parameter in an item_edit action.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*range: <=0.8.8g
- (no CPE)range: <=0.8.8g
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.