VYPR

Cacti

by Cacti (software)

Source repositories

CVEs (170)

  • CVE-2017-12066MedAug 1, 2017
    risk 0.35cvss 5.4epss 0.01

    Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Cacti before 1.1.16 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancel_url variable. NOTE: this vulnerability exists…

  • CVE-2017-11691MedJul 27, 2017
    risk 0.35cvss 5.4epss 0.02

    Cross-site scripting (XSS) vulnerability in auth_profile.php in Cacti 1.1.13 allows remote attackers to inject arbitrary web script or HTML via specially crafted HTTP Referer headers.

  • CVE-2017-11163MedJul 10, 2017
    risk 0.35cvss 5.4epss 0.01

    Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Cacti 1.1.12 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancel_url variable.

  • CVE-2017-10970MedJul 6, 2017
    risk 0.35cvss 5.4epss 0.01

    Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 allows remote anonymous users to inject arbitrary web script or HTML via the id parameter, related to the die_html_input_error function in lib/html_validate.php.

  • CVE-2024-30268MedMay 14, 2024
    risk 0.33cvss 6.1epss 0.01

    Cacti provides an operational monitoring and fault management framework. A reflected cross-site scripting vulnerability on the 1.3.x DEV branch allows attackers to obtain cookies of administrator and other users and fake their login using obtained cookies. This issue is fixed in…

  • CVE-2017-16661MedNov 8, 2017
    risk 0.32cvss 4.9epss 0.01

    Cacti 1.1.27 allows remote authenticated administrators to read arbitrary files by placing the Log Path into a private directory, and then making a clog.php?filename= request, as demonstrated by filename=passwd (with a Log Path under /etc) to read /etc/passwd.

  • CVE-2022-46169KEVDec 5, 2022
    risk 0.23cvss epss 1.00

    Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if…

  • CVE-2024-25641May 13, 2024
    risk 0.10cvss epss 0.86

    Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to execute arbitrary PHP…

  • CVE-2023-49085Dec 22, 2023
    risk 0.10cvss epss 0.85

    Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the `pollers.php` script. An authorized user may be able to execute arbitrary SQL code. The vulnerable component is the…

  • CVE-2023-49084Dec 21, 2023
    risk 0.10cvss epss 0.64

    Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). While using the detected SQL Injection and insufficient processing of the include file path, it is possible to execute arbitrary code on the server.…

  • CVE-2023-39362Sep 5, 2023
    risk 0.10cvss epss 0.82

    Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, under certain conditions, an authenticated privileged user, can use a malicious string in the SNMP options of a Device, performing command injection and obtaining remote code…

  • CVE-2020-8813Feb 22, 2020
    risk 0.10cvss epss 0.74

    graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.

  • CVE-2020-14295Jun 17, 2020
    risk 0.09cvss epss 0.86

    A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries.

  • CVE-2005-10004Aug 30, 2025
    risk 0.08cvss epss 0.02

    Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.php script. An authenticated user can inject arbitrary shell commands via the graph_start GET parameter, which is improperly handled during graph rendering. This flaw allows…

  • CVE-2025-24367Jan 27, 2025
    risk 0.07cvss epss 0.51

    Cacti is an open source performance and fault management framework. An authenticated Cacti user can abuse graph creation and graph template functionality to create arbitrary PHP scripts in the web root of the application, leading to remote code execution on the server. This…

  • CVE-2023-39361Sep 5, 2023
    risk 0.07cvss epss 0.88

    Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graph_view.php. Since guest users can access graph_view.php without authentication by default, if guest users are being utilized in an…

  • CVE-2024-43363Oct 7, 2024
    risk 0.06cvss epss 0.36

    Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing php code and repeat the installation process (completing only step 5 of the installation process is enough, no need to complete the steps…

  • CVE-2023-30534Sep 5, 2023
    risk 0.04cvss epss 0.03

    Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24. While a viable gadget chain exists in Cacti’s vendor directory (phpseclib), the necessary gadgets are not included,…

  • CVE-2006-0146Jan 9, 2006
    risk 0.04cvss epss 0.13

    The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to…

  • CVE-2006-0147Jan 9, 2006
    risk 0.04cvss epss 0.13

    Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote…

Page 2 of 9