rpm package
opensuse/cacti&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/cacti&distro=openSUSE%20Tumbleweed
Vulnerabilities (87)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-25706 | — | < 1.2.18-1.2 | 1.2.18-1.2 | Nov 12, 2020 | A cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xml_path field | ||
| CVE-2020-14295 | — | < 1.2.18-1.2 | 1.2.18-1.2 | Jun 17, 2020 | A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries. | ||
| CVE-2020-13625 | — | < 1.2.18-1.2 | 1.2.18-1.2 | Jun 8, 2020 | PHPMailer before 6.1.6 contains an output escaping bug when the name of a file attachment contains a double quote character. This can result in the file type being misinterpreted by the receiver or any mail relay processing the message. | ||
| CVE-2020-11022 | Med | 6.9 | < 1.2.18-1.2 | 1.2.18-1.2 | Apr 29, 2020 | In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. | |
| CVE-2020-8813 | — | < 1.2.18-1.2 | 1.2.18-1.2 | Feb 22, 2020 | graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege. | ||
| CVE-2019-17357 | — | < 1.2.18-1.2 | 1.2.18-1.2 | Jan 21, 2020 | Cacti through 1.2.7 is affected by a graphs.php?template_id= SQL injection vulnerability affecting how template identifiers are handled when a string and id composite value are used to identify the template type and id. An authenticated attacker can exploit this to extract data f | ||
| CVE-2020-7237 | — | < 1.2.18-1.2 | 1.2.18-1.2 | Jan 20, 2020 | Cacti 1.2.8 allows Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php. OS commands are executed when a new poller cycle begins. The attacker must be authenticated, and must have access to modify t | ||
| CVE-2020-7106 | — | < 1.2.18-1.2 | 1.2.18-1.2 | Jan 16, 2020 | Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displa | ||
| CVE-2019-17358 | — | < 1.2.18-1.2 | 1.2.18-1.2 | Dec 12, 2019 | Cacti through 1.2.7 is affected by multiple instances of lib/functions.php unsafe deserialization of user-controlled data to populate arrays. An authenticated attacker could use this to influence object data values and control actions taken by Cacti or potentially cause memory co | ||
| CVE-2019-16723 | — | < 1.2.18-1.2 | 1.2.18-1.2 | Sep 23, 2019 | In Cacti through 1.2.6, authenticated users may bypass authorization checks (for viewing a graph) via a direct graph_json.php request with a modified local_graph_id parameter. | ||
| CVE-2018-20726 | — | < 1.2.18-1.2 | 1.2.18-1.2 | Jan 16, 2019 | A cross-site scripting (XSS) vulnerability exists in host.php (via tree.php) in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices. | ||
| CVE-2018-20725 | — | < 1.2.18-1.2 | 1.2.18-1.2 | Jan 16, 2019 | A cross-site scripting (XSS) vulnerability exists in graph_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Graph Vertical Label. | ||
| CVE-2018-20724 | — | < 1.2.18-1.2 | 1.2.18-1.2 | Jan 16, 2019 | A cross-site scripting (XSS) vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors. | ||
| CVE-2018-20723 | — | < 1.2.18-1.2 | 1.2.18-1.2 | Jan 16, 2019 | A cross-site scripting (XSS) vulnerability exists in color_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Name field for a Color. | ||
| CVE-2014-4000 | Hig | 8.8 | < 1.2.18-1.2 | 1.2.18-1.2 | Nov 15, 2017 | Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserialize(stripslashes()). | |
| CVE-2017-16785 | Med | 6.1 | < 1.2.18-1.2 | 1.2.18-1.2 | Nov 10, 2017 | Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php. | |
| CVE-2017-16661 | Med | 4.9 | < 1.2.18-1.2 | 1.2.18-1.2 | Nov 8, 2017 | Cacti 1.1.27 allows remote authenticated administrators to read arbitrary files by placing the Log Path into a private directory, and then making a clog.php?filename= request, as demonstrated by filename=passwd (with a Log Path under /etc) to read /etc/passwd. | |
| CVE-2017-16660 | Hig | 7.2 | < 1.2.18-1.2 | 1.2.18-1.2 | Nov 8, 2017 | Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remote_agent.php request containing PHP code in a Client-ip header. | |
| CVE-2017-16641 | Hig | 7.2 | < 1.2.18-1.2 | 1.2.18-1.2 | Nov 7, 2017 | lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=save request to settings.php. | |
| CVE-2017-15194 | Med | 6.1 | < 1.2.18-1.2 | 1.2.18-1.2 | Oct 11, 2017 | include/global_session.php in Cacti 1.1.25 has XSS related to (1) the URI or (2) the refresh page. |
- CVE-2020-25706Nov 12, 2020affected < 1.2.18-1.2fixed 1.2.18-1.2
A cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xml_path field
- CVE-2020-14295Jun 17, 2020affected < 1.2.18-1.2fixed 1.2.18-1.2
A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries.
- CVE-2020-13625Jun 8, 2020affected < 1.2.18-1.2fixed 1.2.18-1.2
PHPMailer before 6.1.6 contains an output escaping bug when the name of a file attachment contains a double quote character. This can result in the file type being misinterpreted by the receiver or any mail relay processing the message.
- affected < 1.2.18-1.2fixed 1.2.18-1.2
In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
- CVE-2020-8813Feb 22, 2020affected < 1.2.18-1.2fixed 1.2.18-1.2
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.
- CVE-2019-17357Jan 21, 2020affected < 1.2.18-1.2fixed 1.2.18-1.2
Cacti through 1.2.7 is affected by a graphs.php?template_id= SQL injection vulnerability affecting how template identifiers are handled when a string and id composite value are used to identify the template type and id. An authenticated attacker can exploit this to extract data f
- CVE-2020-7237Jan 20, 2020affected < 1.2.18-1.2fixed 1.2.18-1.2
Cacti 1.2.8 allows Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php. OS commands are executed when a new poller cycle begins. The attacker must be authenticated, and must have access to modify t
- CVE-2020-7106Jan 16, 2020affected < 1.2.18-1.2fixed 1.2.18-1.2
Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displa
- CVE-2019-17358Dec 12, 2019affected < 1.2.18-1.2fixed 1.2.18-1.2
Cacti through 1.2.7 is affected by multiple instances of lib/functions.php unsafe deserialization of user-controlled data to populate arrays. An authenticated attacker could use this to influence object data values and control actions taken by Cacti or potentially cause memory co
- CVE-2019-16723Sep 23, 2019affected < 1.2.18-1.2fixed 1.2.18-1.2
In Cacti through 1.2.6, authenticated users may bypass authorization checks (for viewing a graph) via a direct graph_json.php request with a modified local_graph_id parameter.
- CVE-2018-20726Jan 16, 2019affected < 1.2.18-1.2fixed 1.2.18-1.2
A cross-site scripting (XSS) vulnerability exists in host.php (via tree.php) in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices.
- CVE-2018-20725Jan 16, 2019affected < 1.2.18-1.2fixed 1.2.18-1.2
A cross-site scripting (XSS) vulnerability exists in graph_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Graph Vertical Label.
- CVE-2018-20724Jan 16, 2019affected < 1.2.18-1.2fixed 1.2.18-1.2
A cross-site scripting (XSS) vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors.
- CVE-2018-20723Jan 16, 2019affected < 1.2.18-1.2fixed 1.2.18-1.2
A cross-site scripting (XSS) vulnerability exists in color_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Name field for a Color.
- affected < 1.2.18-1.2fixed 1.2.18-1.2
Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserialize(stripslashes()).
- affected < 1.2.18-1.2fixed 1.2.18-1.2
Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php.
- affected < 1.2.18-1.2fixed 1.2.18-1.2
Cacti 1.1.27 allows remote authenticated administrators to read arbitrary files by placing the Log Path into a private directory, and then making a clog.php?filename= request, as demonstrated by filename=passwd (with a Log Path under /etc) to read /etc/passwd.
- affected < 1.2.18-1.2fixed 1.2.18-1.2
Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remote_agent.php request containing PHP code in a Client-ip header.
- affected < 1.2.18-1.2fixed 1.2.18-1.2
lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=save request to settings.php.
- affected < 1.2.18-1.2fixed 1.2.18-1.2
include/global_session.php in Cacti 1.1.25 has XSS related to (1) the URI or (2) the refresh page.
Page 3 of 5