VYPR

Cacti (software)

All CVEs

171 total · sorted by risk
  • CVE-2008-0785 · Feb 14, 2008
    risk 0.03 · cvss · epss 0.03

    Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the (1) graph_list parameter to graph_view.php, (2) leaf_id and id parameters to tree.php, (3) local_graph_id…

  • CVE-2008-0783 · Feb 14, 2008
    risk 0.03 · cvss · epss 0.05

    Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to inject arbitrary web script or HTML via (1) the view_type parameter to graph.php; (2) the filter parameter to graph_view.php; (3) the action…

  • CVE-2004-1737 · Aug 16, 2004
    risk 0.03 · cvss · epss 0.03

    SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters.

  • CVE-2024-31445 · May 13, 2024
    risk 0.02 · cvss · epss 0.26

    Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, a SQL injection vulnerability in `automation_get_new_graphs_sql` function of `api_automation.php` allows authenticated users to exploit these SQL injection vulnerabilities to…

  • CVE-2021-26247 · Jan 19, 2022
    risk 0.02 · cvss · epss 0.07

    As an unauthenticated remote user, visit "http://<CACTI_SERVER>/auth_changepassword.php?ref=" to successfully execute the JavaScript payload present in the "ref" URL parameter.

  • CVE-2024-31444 · May 13, 2024
    risk 0.01 · cvss · epss 0.15

    Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules_form_save()` function in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the HTML statement in…

  • CVE-2019-17357 · Jan 21, 2020
    risk 0.01 · cvss · epss 0.35

    Cacti through 1.2.7 is affected by a graphs.php?template_id= SQL injection vulnerability affecting how template identifiers are handled when a string and id composite value are used to identify the template type and id. An authenticated attacker can exploit this to extract data…

  • CVE-2014-5261 · Aug 22, 2014
    risk 0.01 · cvss · epss 0.11

    The graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php.

  • CVE-2026-40941 · Jun 26, 2026
    risk 0.00 · cvss · epss 0.00

    Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass which allows self-signed packages. This issue has been fixed in version 1.2.31.

  • CVE-2026-40084 · Jun 26, 2026
    risk 0.00 · cvss · epss 0.00

    Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal through the Report format_file Parameter, causing arbitrary file read. This vulnerability occurs in two stages. In the first stage (stored injection),…

  • CVE-2026-40082 · Jun 26, 2026
    risk 0.00 · cvss · epss 0.00

    Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have missing session_regenerate_id() after login, leading to Session Fixation. session_regenerate_id() is NOT called after successful login. The login flow at auth_login.php:203-207…

  • CVE-2026-40080 · Jun 26, 2026
    risk 0.00 · cvss · epss 0.00

    Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Open Redirect through a substring check rather than a host check at str_contains($referer, CACTI_PATH_URL). When the user's login_opts == '1' (redirect to referer…

  • CVE-2026-40083 · Jun 26, 2026
    risk 0.00 · cvss · epss 0.00

    Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have SQL Injection through unsanitized unserialize+implode in managers.php. At line 756 of managers.php, the application assigns $selected_items by calling…

  • CVE-2026-40079 · Jun 24, 2026
    risk 0.00 · cvss · epss 0.01

    Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Command Injection due to lack of sanitization in the escape_command() function. The escape_command() function at lib/rrd.php is a no-op: it returns $command unchanged.…

  • CVE-2026-39951 · Jun 24, 2026
    risk 0.00 · cvss · epss 0.00

    Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a Stored SQL Injection vulnerability through graph_name_regexp in the Reports feature. This issue has been fixed in version 1.2.31.

  • CVE-2026-39948 · Jun 24, 2026
    risk 0.00 · cvss · epss 0.00

    Cacti is an open source performance and fault management framework. In versions 1.2.30 and prior, the rfilter request parameter is retrieved via the raw accessor grv() (rather than gfrv() with FILTER_VALIDATE_IS_REGEX validation) and concatenated directly into RLIKE SQL clauses…

  • CVE-2026-39955 · Jun 24, 2026
    risk 0.00 · cvss · epss 0.00

    Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have pre-authentication SQL Injection via unanchored FILTER_VALIDATE_REGEXP in graph_view.php. This issue has been fixed in version 1.2.31.

  • CVE-2026-39938 · Jun 24, 2026
    risk 0.00 · cvss · epss 0.00

    Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have unauthenticated LFI through graph_theme and rrdtool IPC serialization hardening. This issue has been resolved in version 1.2.31.

  • CVE-2026-39900 · Jun 24, 2026
    risk 0.00 · cvss · epss 0.00

    Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Reflected XSS via tab parameter in the auth_profile.php JavaScript context. This issue has been fixed in version 1.2.31.

  • CVE-2026-39899 · Jun 24, 2026
    risk 0.00 · cvss · epss 0.00

    Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal via filename parameter in package_import.php. This issue has been fixed in version 1.2.31.

  • CVE-2026-39897 · Jun 24, 2026
    risk 0.00 · cvss · epss 0.00

    Cacti is an open source performance and fault management framework. Versions 1.2.30 and below contain a Reflected XSS vulnerability in the html_auth_footer. This issue has been fixed in version 1.2.31.

  • CVE-2026-39894 · Jun 24, 2026
    risk 0.00 · cvss · epss 0.00

    Cacti is an open source performance and fault management framework. In versions 1.2.30 and below, the locale-dependent decimal formatting in rrdtool_function_update() can corrupt RRDtool metric values. The rrdtool_function_update() function checks metric values with is_numeric()…

  • CVE-2026-39893 · Jun 24, 2026
    risk 0.00 · cvss · epss 0.00

    Cacti is an open source performance and fault management framework. In versions 1.2.30 and prior, the rfilter request variable was concatenated into a RLIKE SQL clause without sanitization. The endpoint does not require authentication (graph viewing supports guest access via the…

  • CVE-2025-66399 · Dec 2, 2025
    risk 0.00 · cvss · epss 0.11

    Cacti is an open source performance and fault management framework. Prior to 1.2.29, there is an input-validation flaw in the SNMP device configuration functionality. An authenticated Cacti user can supply crafted SNMP community strings containing control characters (including…

  • CVE-2025-26520 · Feb 12, 2025
    risk 0.00 · cvss · epss 0.00

    Cacti through 1.2.29 allows SQL injection in the template function in host_templates.php via the graph_template parameter. NOTE: this issue exists because of an incomplete fix for CVE-2024-54146.

  • CVE-2025-24368 · Jan 27, 2025
    risk 0.00 · cvss · epss 0.00

    Cacti is an open source performance and fault management framework. Some of the data stored in automation_tree_rules.php is not thoroughly checked and is used to concatenate the SQL statement in build_rule_item_filter() function from lib/api_automation.php, resulting in SQL…

  • CVE-2025-22604 · Jan 27, 2025
    risk 0.00 · cvss · epss 0.05

    Cacti is an open source performance and fault management framework. Due to a flaw in multi-line SNMP result parser, authenticated users can inject malformed OIDs in the response. When processed by ss_net_snmp_disk_io() or ss_net_snmp_disk_bytes(), a part of each OID will be used…

  • CVE-2024-54145 · Jan 27, 2025
    risk 0.00 · cvss · epss 0.01

    Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the get_discovery_results function of automation_devices.php using the network parameter. This vulnerability is fixed in 1.2.29.

  • CVE-2024-45598 · Jan 27, 2025
    risk 0.00 · cvss · epss 0.03

    Cacti is an open source performance and fault management framework. Prior to 1.2.29, an administrator can change the `Poller Standard Error Log Path` parameter in either Installation Step 5 or in Configuration->Settings->Paths tab to a local file inside the server. Then simply…

  • CVE-2024-43365 · Oct 7, 2024
    risk 0.00 · cvss · epss 0.23

    Cacti is an open source performance and fault management framework. The `consolenewsection` parameter is not properly sanitized when saving external links in links.php. Moreover, the said consolenewsection parameter is stored in the database and reflected back to user in…

  • CVE-2024-43364 · Oct 7, 2024
    risk 0.00 · cvss · epss 0.34

    Cacti is an open source performance and fault management framework. The `title` parameter is not properly sanitized when saving external links in links.php. Moreover, the said title parameter is stored in the database and reflected back to user in index.php, finally leading to…

  • CVE-2024-43362 · Oct 7, 2024
    risk 0.00 · cvss · epss 0.35

    Cacti is an open source performance and fault management framework. The `fileurl` parameter is not properly sanitized when saving external links in `links.php`. Moreover, the said fileurl is placed in some html code which is passed to the `print` function in `link.php` and…

  • CVE-2024-34340 · May 13, 2024
    risk 0.00 · cvss · epss 0.01

    Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, Cacti calls `compat_password_hash` when users set their password. `compat_password_hash` uses `password_hash` if it is available, else uses `md5`. When verifying password, it calls…

  • CVE-2024-31460 · May 13, 2024
    risk 0.00 · cvss · epss 0.02

    Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the SQL statement in `create_all_header_nodes()` function from…

  • CVE-2024-31459 · May 13, 2024
    risk 0.00 · cvss · epss 0.03

    Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, there is a file inclusion issue in the `lib/plugin.php` file. Combined with SQL injection vulnerabilities, remote code execution can be implemented. There is a file inclusion issue…

  • CVE-2024-31458 · May 13, 2024
    risk 0.00 · cvss · epss 0.13

    Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `form_save()` function in `graph_template_inputs.php` is not thoroughly checked and is used to concatenate the SQL statement in…

  • CVE-2024-31443 · May 13, 2024
    risk 0.00 · cvss · epss 0.01

    Cacti provides an operational monitoring and fault management framework. Prior to 1.2.27, some of the data stored in `form_save()` function in `data_queries.php` is not thoroughly checked and is used to concatenate the HTML statement in `grow_right_pane_tree()` function from…

  • CVE-2024-29894 · May 13, 2024
    risk 0.00 · cvss · epss 0.01

    Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 contain a residual cross-site scripting vulnerability caused by an incomplete fix for CVE-2023-50250. `raise_message_javascript` from `lib/functions.php` now uses purify.js…

  • CVE-2024-27082 · May 13, 2024
    risk 0.00 · cvss · epss 0.01

    Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 are vulnerable to stored cross-site scripting, a type of cross-site scripting where malicious scripts are permanently stored on a target server and served to users who…

  • CVE-2023-50250 · Dec 22, 2023
    risk 0.00 · cvss · epss 0.01

    Cacti is an open source operational monitoring and fault management framework. A reflected cross-site scripting vulnerability was discovered in version 1.2.25. Attackers can exploit this vulnerability to perform actions on behalf of other users. The vulnerability is found in…

  • CVE-2023-49088 · Dec 22, 2023
    risk 0.00 · cvss · epss 0.01

    Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious…

  • CVE-2023-49086 · Dec 21, 2023
    risk 0.00 · cvss · epss 0.01

    Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). A vulnerability in versions prior to 1.2.27 bypasses an earlier fix for CVE-2023-39360, therefore leading to a DOM XSS attack. Exploitation of the…

  • CVE-2023-46490 · Oct 27, 2023
    risk 0.00 · cvss · epss 0.01

    SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the form_actions() function in managers.php.

  • CVE-2023-39511 · Sep 6, 2023
    risk 0.00 · cvss · epss 0.01

    Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in Cacti's database. These data will be viewed by…

  • CVE-2023-31132 · Sep 5, 2023
    risk 0.00 · cvss · epss 0.00

    Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a privilege escalation vulnerability. A low-privileged OS user with access to a Windows host where Cacti is installed can create arbitrary PHP files in a web document…

  • CVE-2023-39364 · Sep 5, 2023
    risk 0.00 · cvss · epss 0.01

    Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, users with console access can be redirected to an arbitrary website after a change password performed via a specifically crafted URL. The `auth_changepassword.php` file accepts `ref`…

  • CVE-2023-39516 · Sep 5, 2023
    risk 0.00 · cvss · epss 0.01

    Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in Cacti's database. These data will be viewed by…

  • CVE-2023-39365 · Sep 5, 2023
    risk 0.00 · cvss · epss 0.01

    Cacti is an open source operational monitoring and fault management framework. Issues with Cacti Regular Expression validation combined with the external links feature can lead to limited SQL Injections and subsequent data leakage. This issue has been addressed in version…

  • CVE-2023-39357 · Sep 5, 2023
    risk 0.00 · cvss · epss 0.02

    Cacti is an open source operational monitoring and fault management framework. A defect in the sql_save function was discovered. When the column type is numeric, the sql_save function directly utilizes user input. Many files and functions calling the sql_save function do not…

  • CVE-2023-39358 · Sep 5, 2023
    risk 0.00 · cvss · epss 0.02

    Cacti is an open source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability resides in the…