Vulnerabilities related to the_cacti_group - cacti
cve-2007-3112
Vulnerability from cvelistv5
Published
2007-06-07 21:00
Modified
2024-08-07 14:05
Severity ?
Summary
graph_image.php in Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_start or (2) graph_end parameter, different vectors than CVE-2007-3113.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T14:05:29.251Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://mdessus.free.fr/?p=15",
               },
               {
                  name: "26872",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/26872",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=243592",
               },
               {
                  name: "MDKSA-2007:184",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MANDRIVA",
                     "x_transferred",
                  ],
                  url: "http://www.mandriva.com/security/advisories?name=MDKSA-2007:184",
               },
               {
                  name: "20070605 Cacti Denial of Service",
                  tags: [
                     "mailing-list",
                     "x_refsource_FULLDISC",
                     "x_transferred",
                  ],
                  url: "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0074.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://bugs.cacti.net/view.php?id=955",
               },
               {
                  name: "25557",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/25557",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956",
               },
               {
                  name: "FEDORA-2007-2199",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://fedoranews.org/updates/FEDORA-2007-219.shtml",
               },
               {
                  name: "cacti-graphstart-graphend-dos(34747)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/34747",
               },
               {
                  name: "37019",
                  tags: [
                     "vdb-entry",
                     "x_refsource_OSVDB",
                     "x_transferred",
                  ],
                  url: "http://osvdb.org/37019",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2007-06-02T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "graph_image.php in Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_start or (2) graph_end parameter, different vectors than CVE-2007-3113.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-07-28T12:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://mdessus.free.fr/?p=15",
            },
            {
               name: "26872",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/26872",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=243592",
            },
            {
               name: "MDKSA-2007:184",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
               ],
               url: "http://www.mandriva.com/security/advisories?name=MDKSA-2007:184",
            },
            {
               name: "20070605 Cacti Denial of Service",
               tags: [
                  "mailing-list",
                  "x_refsource_FULLDISC",
               ],
               url: "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0074.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://bugs.cacti.net/view.php?id=955",
            },
            {
               name: "25557",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/25557",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956",
            },
            {
               name: "FEDORA-2007-2199",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://fedoranews.org/updates/FEDORA-2007-219.shtml",
            },
            {
               name: "cacti-graphstart-graphend-dos(34747)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/34747",
            },
            {
               name: "37019",
               tags: [
                  "vdb-entry",
                  "x_refsource_OSVDB",
               ],
               url: "http://osvdb.org/37019",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2007-3112",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "graph_image.php in Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_start or (2) graph_end parameter, different vectors than CVE-2007-3113.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://mdessus.free.fr/?p=15",
                     refsource: "MISC",
                     url: "http://mdessus.free.fr/?p=15",
                  },
                  {
                     name: "26872",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/26872",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=243592",
                     refsource: "MISC",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=243592",
                  },
                  {
                     name: "MDKSA-2007:184",
                     refsource: "MANDRIVA",
                     url: "http://www.mandriva.com/security/advisories?name=MDKSA-2007:184",
                  },
                  {
                     name: "20070605 Cacti Denial of Service",
                     refsource: "FULLDISC",
                     url: "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0074.html",
                  },
                  {
                     name: "http://bugs.cacti.net/view.php?id=955",
                     refsource: "CONFIRM",
                     url: "http://bugs.cacti.net/view.php?id=955",
                  },
                  {
                     name: "25557",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/25557",
                  },
                  {
                     name: "http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956",
                     refsource: "CONFIRM",
                     url: "http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956",
                  },
                  {
                     name: "FEDORA-2007-2199",
                     refsource: "FEDORA",
                     url: "http://fedoranews.org/updates/FEDORA-2007-219.shtml",
                  },
                  {
                     name: "cacti-graphstart-graphend-dos(34747)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/34747",
                  },
                  {
                     name: "37019",
                     refsource: "OSVDB",
                     url: "http://osvdb.org/37019",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2007-3112",
      datePublished: "2007-06-07T21:00:00",
      dateReserved: "2007-06-07T00:00:00",
      dateUpdated: "2024-08-07T14:05:29.251Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2004-1737
Vulnerability from cvelistv5
Published
2005-02-26 05:00
Modified
2024-08-08 01:00
Severity ?
Summary
SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters.
References
http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025376.html — mailing-list, x_refsource_FULLDISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/17011 — vdb-entry, x_refsource_XF
http://www.securityfocus.com/bid/10960 — vdb-entry, x_refsource_BID
http://secunia.com/advisories/12308 — third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=109272483621038&w=2 — mailing-list, x_refsource_BUGTRAQ
http://www.gentoo.org/security/en/glsa/glsa-200408-21.xml — vendor-advisory, x_refsource_GENTOO
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-08T01:00:37.152Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20040816 SQL Injection in CACTI",
                  tags: [
                     "mailing-list",
                     "x_refsource_FULLDISC",
                     "x_transferred",
                  ],
                  url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025376.html",
               },
               {
                  name: "cacti-authlogin-sql-injection(17011)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17011",
               },
               {
                  name: "10960",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/10960",
               },
               {
                  name: "12308",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/12308",
               },
               {
                  name: "20040816 SQL Injection in CACTI",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=109272483621038&w=2",
               },
               {
                  name: "GLSA-200408-21",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "http://www.gentoo.org/security/en/glsa/glsa-200408-21.xml",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2004-08-16T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-07-10T14:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "20040816 SQL Injection in CACTI",
               tags: [
                  "mailing-list",
                  "x_refsource_FULLDISC",
               ],
               url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025376.html",
            },
            {
               name: "cacti-authlogin-sql-injection(17011)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17011",
            },
            {
               name: "10960",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/10960",
            },
            {
               name: "12308",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/12308",
            },
            {
               name: "20040816 SQL Injection in CACTI",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://marc.info/?l=bugtraq&m=109272483621038&w=2",
            },
            {
               name: "GLSA-200408-21",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "http://www.gentoo.org/security/en/glsa/glsa-200408-21.xml",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2004-1737",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20040816 SQL Injection in CACTI",
                     refsource: "FULLDISC",
                     url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025376.html",
                  },
                  {
                     name: "cacti-authlogin-sql-injection(17011)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17011",
                  },
                  {
                     name: "10960",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/10960",
                  },
                  {
                     name: "12308",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/12308",
                  },
                  {
                     name: "20040816 SQL Injection in CACTI",
                     refsource: "BUGTRAQ",
                     url: "http://marc.info/?l=bugtraq&m=109272483621038&w=2",
                  },
                  {
                     name: "GLSA-200408-21",
                     refsource: "GENTOO",
                     url: "http://www.gentoo.org/security/en/glsa/glsa-200408-21.xml",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2004-1737",
      datePublished: "2005-02-26T05:00:00",
      dateReserved: "2005-02-26T00:00:00",
      dateUpdated: "2024-08-08T01:00:37.152Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2005-1525
Vulnerability from cvelistv5
Published
2005-06-22 04:00
Modified
2024-08-07 21:51
Severity ?
Summary
SQL injection vulnerability in config_settings.php for Cacti before 0.8.6e allows remote attackers to execute arbitrary SQL commands via the id parameter.
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/21120 — vdb-entry, x_refsource_XF
http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978 — vendor-advisory, x_refsource_CONECTIVA
http://www.cacti.net/release_notes_0_8_6e.php — x_refsource_CONFIRM
http://www.idefense.com/application/poi/display?id=267&type=vulnerabilities&flashstatus=true — third-party-advisory, x_refsource_IDEFENSE
http://www.osvdb.org/17424 — vdb-entry, x_refsource_OSVDB
http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml — vendor-advisory, x_refsource_GENTOO
http://www.debian.org/security/2005/dsa-764 — vendor-advisory, x_refsource_DEBIAN
http://securitytracker.com/id?1014252 — vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/15931 — third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/15490 — third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/14027 — vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T21:51:50.260Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "cacti-configsettings-sql-injection(21120)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21120",
               },
               {
                  name: "CLSA-2005:978",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CONECTIVA",
                     "x_transferred",
                  ],
                  url: "http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.cacti.net/release_notes_0_8_6e.php",
               },
               {
                  name: "20050622 Multiple Vendor Cacti Multiple SQL Injection Vulnerabilities",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_IDEFENSE",
                     "x_transferred",
                  ],
                  url: "http://www.idefense.com/application/poi/display?id=267&type=vulnerabilities&flashstatus=true",
               },
               {
                  name: "17424",
                  tags: [
                     "vdb-entry",
                     "x_refsource_OSVDB",
                     "x_transferred",
                  ],
                  url: "http://www.osvdb.org/17424",
               },
               {
                  name: "GLSA-200506-20",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml",
               },
               {
                  name: "DSA-764",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2005/dsa-764",
               },
               {
                  name: "1014252",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://securitytracker.com/id?1014252",
               },
               {
                  name: "15931",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/15931",
               },
               {
                  name: "15490",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/15490",
               },
               {
                  name: "14027",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/14027",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2005-06-22T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "SQL injection vulnerability in config_settings.php for Cacti before 0.8.6e allows remote attackers to execute arbitrary SQL commands via the id parameter.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-07-10T14:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "cacti-configsettings-sql-injection(21120)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21120",
            },
            {
               name: "CLSA-2005:978",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
               ],
               url: "http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.cacti.net/release_notes_0_8_6e.php",
            },
            {
               name: "20050622 Multiple Vendor Cacti Multiple SQL Injection Vulnerabilities",
               tags: [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
               ],
               url: "http://www.idefense.com/application/poi/display?id=267&type=vulnerabilities&flashstatus=true",
            },
            {
               name: "17424",
               tags: [
                  "vdb-entry",
                  "x_refsource_OSVDB",
               ],
               url: "http://www.osvdb.org/17424",
            },
            {
               name: "GLSA-200506-20",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml",
            },
            {
               name: "DSA-764",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2005/dsa-764",
            },
            {
               name: "1014252",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://securitytracker.com/id?1014252",
            },
            {
               name: "15931",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/15931",
            },
            {
               name: "15490",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/15490",
            },
            {
               name: "14027",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/14027",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2005-1525",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "SQL injection vulnerability in config_settings.php for Cacti before 0.8.6e allows remote attackers to execute arbitrary SQL commands via the id parameter.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "cacti-configsettings-sql-injection(21120)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21120",
                  },
                  {
                     name: "CLSA-2005:978",
                     refsource: "CONECTIVA",
                     url: "http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978",
                  },
                  {
                     name: "http://www.cacti.net/release_notes_0_8_6e.php",
                     refsource: "CONFIRM",
                     url: "http://www.cacti.net/release_notes_0_8_6e.php",
                  },
                  {
                     name: "20050622 Multiple Vendor Cacti Multiple SQL Injection Vulnerabilities",
                     refsource: "IDEFENSE",
                     url: "http://www.idefense.com/application/poi/display?id=267&type=vulnerabilities&flashstatus=true",
                  },
                  {
                     name: "17424",
                     refsource: "OSVDB",
                     url: "http://www.osvdb.org/17424",
                  },
                  {
                     name: "GLSA-200506-20",
                     refsource: "GENTOO",
                     url: "http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml",
                  },
                  {
                     name: "DSA-764",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2005/dsa-764",
                  },
                  {
                     name: "1014252",
                     refsource: "SECTRACK",
                     url: "http://securitytracker.com/id?1014252",
                  },
                  {
                     name: "15931",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/15931",
                  },
                  {
                     name: "15490",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/15490",
                  },
                  {
                     name: "14027",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/14027",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2005-1525",
      datePublished: "2005-06-22T04:00:00",
      dateReserved: "2005-05-12T00:00:00",
      dateUpdated: "2024-08-07T21:51:50.260Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2005-1526
Vulnerability from cvelistv5
Published
2005-06-22 04:00
Modified
2024-08-07 21:51
Severity ?
Summary
PHP remote file inclusion vulnerability in config_settings.php in Cacti before 0.8.6e allows remote attackers to execute arbitrary PHP code via the config[include_path] parameter.
References
http://www.idefense.com/application/poi/display?id=266&type=vulnerabilities - third-party-advisory, x_refsource_IDEFENSE
http://www.osvdb.org/17425 - vdb-entry, x_refsource_OSVDB
http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978 - vendor-advisory, x_refsource_CONECTIVA
http://www.cacti.net/release_notes_0_8_6e.php - x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/21119 - vdb-entry, x_refsource_XF
http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml - vendor-advisory, x_refsource_GENTOO
http://www.debian.org/security/2005/dsa-764 - vendor-advisory, x_refsource_DEBIAN
http://securitytracker.com/id?1014252 - vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/15931 - third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/14028 - vdb-entry, x_refsource_BID
http://secunia.com/advisories/15490 - third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T21:51:50.427Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20050622 Multiple Vendor Cacti config_settings.php Remote Code Execution Vulnerability",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_IDEFENSE",
                     "x_transferred",
                  ],
                  url: "http://www.idefense.com/application/poi/display?id=266&type=vulnerabilities",
               },
               {
                  name: "17425",
                  tags: [
                     "vdb-entry",
                     "x_refsource_OSVDB",
                     "x_transferred",
                  ],
                  url: "http://www.osvdb.org/17425",
               },
               {
                  name: "CLSA-2005:978",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CONECTIVA",
                     "x_transferred",
                  ],
                  url: "http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.cacti.net/release_notes_0_8_6e.php",
               },
               {
                  name: "cacti-configsettings-file-include(21119)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21119",
               },
               {
                  name: "GLSA-200506-20",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml",
               },
               {
                  name: "DSA-764",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2005/dsa-764",
               },
               {
                  name: "1014252",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://securitytracker.com/id?1014252",
               },
               {
                  name: "15931",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/15931",
               },
               {
                  name: "14028",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/14028",
               },
               {
                  name: "15490",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/15490",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2005-06-22T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "PHP remote file inclusion vulnerability in config_settings.php in Cacti before 0.8.6e allows remote attackers to execute arbitrary PHP code via the config[include_path] parameter.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-07-10T14:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "20050622 Multiple Vendor Cacti config_settings.php Remote Code Execution Vulnerability",
               tags: [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
               ],
               url: "http://www.idefense.com/application/poi/display?id=266&type=vulnerabilities",
            },
            {
               name: "17425",
               tags: [
                  "vdb-entry",
                  "x_refsource_OSVDB",
               ],
               url: "http://www.osvdb.org/17425",
            },
            {
               name: "CLSA-2005:978",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
               ],
               url: "http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.cacti.net/release_notes_0_8_6e.php",
            },
            {
               name: "cacti-configsettings-file-include(21119)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21119",
            },
            {
               name: "GLSA-200506-20",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml",
            },
            {
               name: "DSA-764",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2005/dsa-764",
            },
            {
               name: "1014252",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://securitytracker.com/id?1014252",
            },
            {
               name: "15931",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/15931",
            },
            {
               name: "14028",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/14028",
            },
            {
               name: "15490",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/15490",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2005-1526",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "PHP remote file inclusion vulnerability in config_settings.php in Cacti before 0.8.6e allows remote attackers to execute arbitrary PHP code via the config[include_path] parameter.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20050622 Multiple Vendor Cacti config_settings.php Remote Code Execution Vulnerability",
                     refsource: "IDEFENSE",
                     url: "http://www.idefense.com/application/poi/display?id=266&type=vulnerabilities",
                  },
                  {
                     name: "17425",
                     refsource: "OSVDB",
                     url: "http://www.osvdb.org/17425",
                  },
                  {
                     name: "CLSA-2005:978",
                     refsource: "CONECTIVA",
                     url: "http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978",
                  },
                  {
                     name: "http://www.cacti.net/release_notes_0_8_6e.php",
                     refsource: "CONFIRM",
                     url: "http://www.cacti.net/release_notes_0_8_6e.php",
                  },
                  {
                     name: "cacti-configsettings-file-include(21119)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21119",
                  },
                  {
                     name: "GLSA-200506-20",
                     refsource: "GENTOO",
                     url: "http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml",
                  },
                  {
                     name: "DSA-764",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2005/dsa-764",
                  },
                  {
                     name: "1014252",
                     refsource: "SECTRACK",
                     url: "http://securitytracker.com/id?1014252",
                  },
                  {
                     name: "15931",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/15931",
                  },
                  {
                     name: "14028",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/14028",
                  },
                  {
                     name: "15490",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/15490",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2005-1526",
      datePublished: "2005-06-22T04:00:00",
      dateReserved: "2005-05-12T00:00:00",
      dateUpdated: "2024-08-07T21:51:50.427Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2005-1524
Vulnerability from cvelistv5
Published
2005-06-22 04:00
Modified
2024-08-07 21:51
Severity ?
Summary
PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8.6d and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the config[library_path] parameter.
References
http://www.idefense.com/application/poi/display?id=265&type=vulnerabilities&flashstatus=true - third-party-advisory, x_refsource_IDEFENSE
http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978 - vendor-advisory, x_refsource_CONECTIVA
http://www.cacti.net/release_notes_0_8_6e.php - x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/21118 - vdb-entry, x_refsource_XF
http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml - vendor-advisory, x_refsource_GENTOO
http://www.debian.org/security/2005/dsa-764 - vendor-advisory, x_refsource_DEBIAN
http://securitytracker.com/id?1014252 - vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/15931 - third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/15490 - third-party-advisory, x_refsource_SECUNIA
http://www.osvdb.org/17426 - vdb-entry, x_refsource_OSVDB
http://secunia.com/advisories/16136 - third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T21:51:50.371Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20050622 Multiple Vendor Cacti Remote File Inclusion Vulnerability",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_IDEFENSE",
                     "x_transferred",
                  ],
                  url: "http://www.idefense.com/application/poi/display?id=265&type=vulnerabilities&flashstatus=true",
               },
               {
                  name: "CLSA-2005:978",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CONECTIVA",
                     "x_transferred",
                  ],
                  url: "http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.cacti.net/release_notes_0_8_6e.php",
               },
               {
                  name: "cacti-topgraphheader-file-include(21118)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21118",
               },
               {
                  name: "GLSA-200506-20",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml",
               },
               {
                  name: "DSA-764",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2005/dsa-764",
               },
               {
                  name: "1014252",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://securitytracker.com/id?1014252",
               },
               {
                  name: "15931",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/15931",
               },
               {
                  name: "15490",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/15490",
               },
               {
                  name: "17426",
                  tags: [
                     "vdb-entry",
                     "x_refsource_OSVDB",
                     "x_transferred",
                  ],
                  url: "http://www.osvdb.org/17426",
               },
               {
                  name: "16136",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/16136",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2005-06-22T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8.6d and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the config[library_path] parameter.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-07-10T14:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "20050622 Multiple Vendor Cacti Remote File Inclusion Vulnerability",
               tags: [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
               ],
               url: "http://www.idefense.com/application/poi/display?id=265&type=vulnerabilities&flashstatus=true",
            },
            {
               name: "CLSA-2005:978",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
               ],
               url: "http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.cacti.net/release_notes_0_8_6e.php",
            },
            {
               name: "cacti-topgraphheader-file-include(21118)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21118",
            },
            {
               name: "GLSA-200506-20",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml",
            },
            {
               name: "DSA-764",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2005/dsa-764",
            },
            {
               name: "1014252",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://securitytracker.com/id?1014252",
            },
            {
               name: "15931",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/15931",
            },
            {
               name: "15490",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/15490",
            },
            {
               name: "17426",
               tags: [
                  "vdb-entry",
                  "x_refsource_OSVDB",
               ],
               url: "http://www.osvdb.org/17426",
            },
            {
               name: "16136",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/16136",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2005-1524",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8.6d and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the config[library_path] parameter.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20050622 Multiple Vendor Cacti Remote File Inclusion Vulnerability",
                     refsource: "IDEFENSE",
                     url: "http://www.idefense.com/application/poi/display?id=265&type=vulnerabilities&flashstatus=true",
                  },
                  {
                     name: "CLSA-2005:978",
                     refsource: "CONECTIVA",
                     url: "http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978",
                  },
                  {
                     name: "http://www.cacti.net/release_notes_0_8_6e.php",
                     refsource: "CONFIRM",
                     url: "http://www.cacti.net/release_notes_0_8_6e.php",
                  },
                  {
                     name: "cacti-topgraphheader-file-include(21118)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21118",
                  },
                  {
                     name: "GLSA-200506-20",
                     refsource: "GENTOO",
                     url: "http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml",
                  },
                  {
                     name: "DSA-764",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2005/dsa-764",
                  },
                  {
                     name: "1014252",
                     refsource: "SECTRACK",
                     url: "http://securitytracker.com/id?1014252",
                  },
                  {
                     name: "15931",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/15931",
                  },
                  {
                     name: "15490",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/15490",
                  },
                  {
                     name: "17426",
                     refsource: "OSVDB",
                     url: "http://www.osvdb.org/17426",
                  },
                  {
                     name: "16136",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/16136",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2005-1524",
      datePublished: "2005-06-22T04:00:00",
      dateReserved: "2005-05-12T00:00:00",
      dateUpdated: "2024-08-07T21:51:50.371Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2005-2148
Vulnerability from cvelistv5
Published
2005-07-06 04:00
Modified
2024-08-07 22:15
Severity ?
Summary
Cacti 0.8.6e and earlier does not perform proper input validation to protect against common attacks, which allows remote attackers to execute arbitrary commands or SQL by sending a legitimate value in a POST request or cookie, then specifying the attack string in the URL, which causes the get_request_var function to return the wrong value in the $_REQUEST variable, which is cleansed while the original malicious $_GET value remains unmodified, as demonstrated in (1) graph_image.php and (2) graph.php.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T22:15:37.437Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch",
               },
               {
                  name: "cacti-request-array-command-execution(21270)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21270",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.hardened-php.net/advisory-032005.php",
               },
               {
                  name: "20050702 Advisory 04/2005: Cacti Remote Command Execution Vulnerability",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/404047/30/30/threaded",
               },
               {
                  name: "20050702 Advisory 03/2005: Cacti Multiple SQL Injection Vulnerabilities [FIXED]",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/404054",
               },
               {
                  name: "[cacti-announce] 20050701 Cacti 0.8.6f Released",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1",
               },
               {
                  name: "cacti-graph-post-cookie-sql-injection(21266)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21266",
               },
               {
                  name: "ADV-2005-0951",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2005/0951",
               },
               {
                  name: "DSA-764",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2005/dsa-764",
               },
               {
                  name: "14128",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/14128",
               },
               {
                  name: "15490",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/15490",
               },
               {
                  name: "1014361",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://securitytracker.com/id?1014361",
               },
               {
                  name: "14129",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/14129",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.hardened-php.net/advisory-042005.php",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2005-07-01T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Cacti 0.8.6e and earlier does not perform proper input validation to protect against common attacks, which allows remote attackers to execute arbitrary commands or SQL by sending a legitimate value in a POST request or cookie, then specifying the attack string in the URL, which causes the get_request_var function to return the wrong value in the $_REQUEST variable, which is cleansed while the original malicious $_GET value remains unmodified, as demonstrated in (1) graph_image.php and (2) graph.php.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-07-10T14:57:01",
            orgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5",
            shortName: "debian",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch",
            },
            {
               name: "cacti-request-array-command-execution(21270)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21270",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.hardened-php.net/advisory-032005.php",
            },
            {
               name: "20050702 Advisory 04/2005: Cacti Remote Command Execution Vulnerability",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/404047/30/30/threaded",
            },
            {
               name: "20050702 Advisory 03/2005: Cacti Multiple SQL Injection Vulnerabilities [FIXED]",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/404054",
            },
            {
               name: "[cacti-announce] 20050701 Cacti 0.8.6f Released",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1",
            },
            {
               name: "cacti-graph-post-cookie-sql-injection(21266)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21266",
            },
            {
               name: "ADV-2005-0951",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2005/0951",
            },
            {
               name: "DSA-764",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2005/dsa-764",
            },
            {
               name: "14128",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/14128",
            },
            {
               name: "15490",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/15490",
            },
            {
               name: "1014361",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://securitytracker.com/id?1014361",
            },
            {
               name: "14129",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/14129",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.hardened-php.net/advisory-042005.php",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@debian.org",
               ID: "CVE-2005-2148",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Cacti 0.8.6e and earlier does not perform proper input validation to protect against common attacks, which allows remote attackers to execute arbitrary commands or SQL by sending a legitimate value in a POST request or cookie, then specifying the attack string in the URL, which causes the get_request_var function to return the wrong value in the $_REQUEST variable, which is cleansed while the original malicious $_GET value remains unmodified, as demonstrated in (1) graph_image.php and (2) graph.php.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch",
                     refsource: "CONFIRM",
                     url: "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch",
                  },
                  {
                     name: "cacti-request-array-command-execution(21270)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21270",
                  },
                  {
                     name: "http://www.hardened-php.net/advisory-032005.php",
                     refsource: "MISC",
                     url: "http://www.hardened-php.net/advisory-032005.php",
                  },
                  {
                     name: "20050702 Advisory 04/2005: Cacti Remote Command Execution Vulnerability",
                     refsource: "BUGTRAQ",
                     url: "http://www.securityfocus.com/archive/1/404047/30/30/threaded",
                  },
                  {
                     name: "20050702 Advisory 03/2005: Cacti Multiple SQL Injection Vulnerabilities [FIXED]",
                     refsource: "BUGTRAQ",
                     url: "http://www.securityfocus.com/archive/1/404054",
                  },
                  {
                     name: "[cacti-announce] 20050701 Cacti 0.8.6f Released",
                     refsource: "MLIST",
                     url: "http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1",
                  },
                  {
                     name: "cacti-graph-post-cookie-sql-injection(21266)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21266",
                  },
                  {
                     name: "ADV-2005-0951",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2005/0951",
                  },
                  {
                     name: "DSA-764",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2005/dsa-764",
                  },
                  {
                     name: "14128",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/14128",
                  },
                  {
                     name: "15490",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/15490",
                  },
                  {
                     name: "1014361",
                     refsource: "SECTRACK",
                     url: "http://securitytracker.com/id?1014361",
                  },
                  {
                     name: "14129",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/14129",
                  },
                  {
                     name: "http://www.hardened-php.net/advisory-042005.php",
                     refsource: "MISC",
                     url: "http://www.hardened-php.net/advisory-042005.php",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5",
      assignerShortName: "debian",
      cveId: "CVE-2005-2148",
      datePublished: "2005-07-06T04:00:00",
      dateReserved: "2005-07-06T00:00:00",
      dateUpdated: "2024-08-07T22:15:37.437Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2006-0146
Vulnerability from cvelistv5
Published
2006-01-09 23:00
Modified
2024-08-07 16:25
Severity ?
Summary
The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.
References
http://secunia.com/advisories/19590 — third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18267 — third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18254 — third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/19555 — third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-1029 — vendor-advisory, x_refsource_DEBIAN
http://www.securityfocus.com/archive/1/430448/100/0/threaded — mailing-list, x_refsource_BUGTRAQ
http://www.maxdev.com/Article550.phtml — x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2006/0105 — vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/19699 — third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-1030 — vendor-advisory, x_refsource_DEBIAN
http://www.vupen.com/english/advisories/2006/1305 — vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/24954 — third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18276 — third-party-advisory, x_refsource_SECUNIA
http://securityreason.com/securityalert/713 — third-party-advisory, x_refsource_SREASON
http://www.vupen.com/english/advisories/2006/1304 — vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/19600 — third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/466171/100/0/threaded — mailing-list, x_refsource_BUGTRAQ
http://www.vupen.com/english/advisories/2006/0103 — vdb-entry, x_refsource_VUPEN
http://secunia.com/secunia_research/2005-64/advisory/ — x_refsource_MISC
http://www.securityfocus.com/bid/16187 — vdb-entry, x_refsource_BID
http://secunia.com/advisories/18720 — third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/1419 — vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/19591 — third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/0447 — vdb-entry, x_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/24051 — vdb-entry, x_refsource_XF
http://secunia.com/advisories/17418 — third-party-advisory, x_refsource_SECUNIA
http://www.xaraya.com/index.php/news/569 — x_refsource_CONFIRM
http://secunia.com/advisories/19691 — third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/0102 — vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/0101 — vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/18233 — third-party-advisory, x_refsource_SECUNIA
http://www.osvdb.org/22290 — vdb-entry, x_refsource_OSVDB
http://www.vupen.com/english/advisories/2006/0370 — vdb-entry, x_refsource_VUPEN
http://www.debian.org/security/2006/dsa-1031 — vendor-advisory, x_refsource_DEBIAN
http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html — x_refsource_MISC
http://www.securityfocus.com/archive/1/423784/100/0/threaded — mailing-list, x_refsource_BUGTRAQ
http://www.vupen.com/english/advisories/2006/0104 — vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/18260 — third-party-advisory, x_refsource_SECUNIA
http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml — vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/19563 — third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T16:25:33.856Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "19590",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/19590",
               },
               {
                  name: "18267",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/18267",
               },
               {
                  name: "18254",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/18254",
               },
               {
                  name: "19555",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/19555",
               },
               {
                  name: "DSA-1029",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2006/dsa-1029",
               },
               {
                  name: "20060409 PhpOpenChat 3.0.x ADODB Server.php \"sql\" SQL injection",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/430448/100/0/threaded",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.maxdev.com/Article550.phtml",
               },
               {
                  name: "ADV-2006-0105",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/0105",
               },
               {
                  name: "19699",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/19699",
               },
               {
                  name: "DSA-1030",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2006/dsa-1030",
               },
               {
                  name: "ADV-2006-1305",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/1305",
               },
               {
                  name: "24954",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/24954",
               },
               {
                  name: "18276",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/18276",
               },
               {
                  name: "713",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SREASON",
                     "x_transferred",
                  ],
                  url: "http://securityreason.com/securityalert/713",
               },
               {
                  name: "ADV-2006-1304",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/1304",
               },
               {
                  name: "19600",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/19600",
               },
               {
                  name: "20070418 MediaBeez Sql query Execution .. Wear isn't ?? :)",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/466171/100/0/threaded",
               },
               {
                  name: "ADV-2006-0103",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/0103",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/secunia_research/2005-64/advisory/",
               },
               {
                  name: "16187",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/16187",
               },
               {
                  name: "18720",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/18720",
               },
               {
                  name: "ADV-2006-1419",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/1419",
               },
               {
                  name: "19591",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/19591",
               },
               {
                  name: "ADV-2006-0447",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/0447",
               },
               {
                  name: "adodb-server-command-execution(24051)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24051",
               },
               {
                  name: "17418",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/17418",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.xaraya.com/index.php/news/569",
               },
               {
                  name: "19691",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/19691",
               },
               {
                  name: "ADV-2006-0102",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/0102",
               },
               {
                  name: "ADV-2006-0101",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/0101",
               },
               {
                  name: "18233",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/18233",
               },
               {
                  name: "22290",
                  tags: [
                     "vdb-entry",
                     "x_refsource_OSVDB",
                     "x_transferred",
                  ],
                  url: "http://www.osvdb.org/22290",
               },
               {
                  name: "ADV-2006-0370",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/0370",
               },
               {
                  name: "DSA-1031",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2006/dsa-1031",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html",
               },
               {
                  name: "20060202 Bug for libs in php link directory 2.0",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/423784/100/0/threaded",
               },
               {
                  name: "ADV-2006-0104",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/0104",
               },
               {
                  name: "18260",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/18260",
               },
               {
                  name: "GLSA-200604-07",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml",
               },
               {
                  name: "19563",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/19563",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2006-01-09T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-10-19T14:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "19590",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/19590",
            },
            {
               name: "18267",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/18267",
            },
            {
               name: "18254",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/18254",
            },
            {
               name: "19555",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/19555",
            },
            {
               name: "DSA-1029",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2006/dsa-1029",
            },
            {
               name: "20060409 PhpOpenChat 3.0.x ADODB Server.php \"sql\" SQL injection",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/430448/100/0/threaded",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.maxdev.com/Article550.phtml",
            },
            {
               name: "ADV-2006-0105",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/0105",
            },
            {
               name: "19699",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/19699",
            },
            {
               name: "DSA-1030",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2006/dsa-1030",
            },
            {
               name: "ADV-2006-1305",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/1305",
            },
            {
               name: "24954",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/24954",
            },
            {
               name: "18276",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/18276",
            },
            {
               name: "713",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SREASON",
               ],
               url: "http://securityreason.com/securityalert/713",
            },
            {
               name: "ADV-2006-1304",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/1304",
            },
            {
               name: "19600",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/19600",
            },
            {
               name: "20070418 MediaBeez Sql query Execution .. Wear isn't ?? :)",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/466171/100/0/threaded",
            },
            {
               name: "ADV-2006-0103",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/0103",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://secunia.com/secunia_research/2005-64/advisory/",
            },
            {
               name: "16187",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/16187",
            },
            {
               name: "18720",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/18720",
            },
            {
               name: "ADV-2006-1419",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/1419",
            },
            {
               name: "19591",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/19591",
            },
            {
               name: "ADV-2006-0447",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/0447",
            },
            {
               name: "adodb-server-command-execution(24051)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24051",
            },
            {
               name: "17418",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/17418",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.xaraya.com/index.php/news/569",
            },
            {
               name: "19691",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/19691",
            },
            {
               name: "ADV-2006-0102",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/0102",
            },
            {
               name: "ADV-2006-0101",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/0101",
            },
            {
               name: "18233",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/18233",
            },
            {
               name: "22290",
               tags: [
                  "vdb-entry",
                  "x_refsource_OSVDB",
               ],
               url: "http://www.osvdb.org/22290",
            },
            {
               name: "ADV-2006-0370",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/0370",
            },
            {
               name: "DSA-1031",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2006/dsa-1031",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html",
            },
            {
               name: "20060202 Bug for libs in php link directory 2.0",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/423784/100/0/threaded",
            },
            {
               name: "ADV-2006-0104",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/0104",
            },
            {
               name: "18260",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/18260",
            },
            {
               name: "GLSA-200604-07",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml",
            },
            {
               name: "19563",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/19563",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2006-0146",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "19590",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/19590",
                  },
                  {
                     name: "18267",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/18267",
                  },
                  {
                     name: "18254",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/18254",
                  },
                  {
                     name: "19555",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/19555",
                  },
                  {
                     name: "DSA-1029",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2006/dsa-1029",
                  },
                  {
                     name: "20060409 PhpOpenChat 3.0.x ADODB Server.php \"sql\" SQL injection",
                     refsource: "BUGTRAQ",
                     url: "http://www.securityfocus.com/archive/1/430448/100/0/threaded",
                  },
                  {
                     name: "http://www.maxdev.com/Article550.phtml",
                     refsource: "CONFIRM",
                     url: "http://www.maxdev.com/Article550.phtml",
                  },
                  {
                     name: "ADV-2006-0105",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/0105",
                  },
                  {
                     name: "19699",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/19699",
                  },
                  {
                     name: "DSA-1030",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2006/dsa-1030",
                  },
                  {
                     name: "ADV-2006-1305",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/1305",
                  },
                  {
                     name: "24954",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/24954",
                  },
                  {
                     name: "18276",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/18276",
                  },
                  {
                     name: "713",
                     refsource: "SREASON",
                     url: "http://securityreason.com/securityalert/713",
                  },
                  {
                     name: "ADV-2006-1304",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/1304",
                  },
                  {
                     name: "19600",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/19600",
                  },
                  {
                     name: "20070418 MediaBeez Sql query Execution .. Wear isn't ?? :)",
                     refsource: "BUGTRAQ",
                     url: "http://www.securityfocus.com/archive/1/466171/100/0/threaded",
                  },
                  {
                     name: "ADV-2006-0103",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/0103",
                  },
                  {
                     name: "http://secunia.com/secunia_research/2005-64/advisory/",
                     refsource: "MISC",
                     url: "http://secunia.com/secunia_research/2005-64/advisory/",
                  },
                  {
                     name: "16187",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/16187",
                  },
                  {
                     name: "18720",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/18720",
                  },
                  {
                     name: "ADV-2006-1419",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/1419",
                  },
                  {
                     name: "19591",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/19591",
                  },
                  {
                     name: "ADV-2006-0447",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/0447",
                  },
                  {
                     name: "adodb-server-command-execution(24051)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24051",
                  },
                  {
                     name: "17418",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/17418",
                  },
                  {
                     name: "http://www.xaraya.com/index.php/news/569",
                     refsource: "CONFIRM",
                     url: "http://www.xaraya.com/index.php/news/569",
                  },
                  {
                     name: "19691",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/19691",
                  },
                  {
                     name: "ADV-2006-0102",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/0102",
                  },
                  {
                     name: "ADV-2006-0101",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/0101",
                  },
                  {
                     name: "18233",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/18233",
                  },
                  {
                     name: "22290",
                     refsource: "OSVDB",
                     url: "http://www.osvdb.org/22290",
                  },
                  {
                     name: "ADV-2006-0370",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/0370",
                  },
                  {
                     name: "DSA-1031",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2006/dsa-1031",
                  },
                  {
                     name: "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html",
                     refsource: "MISC",
                     url: "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html",
                  },
                  {
                     name: "20060202 Bug for libs in php link directory 2.0",
                     refsource: "BUGTRAQ",
                     url: "http://www.securityfocus.com/archive/1/423784/100/0/threaded",
                  },
                  {
                     name: "ADV-2006-0104",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/0104",
                  },
                  {
                     name: "18260",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/18260",
                  },
                  {
                     name: "GLSA-200604-07",
                     refsource: "GENTOO",
                     url: "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml",
                  },
                  {
                     name: "19563",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/19563",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2006-0146",
      datePublished: "2006-01-09T23:00:00",
      dateReserved: "2006-01-09T00:00:00",
      dateUpdated: "2024-08-07T16:25:33.856Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2006-0147
Vulnerability from cvelistv5
Published
2006-01-09 23:00
Modified
2024-08-07 16:25
Severity ?
Summary
Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.
References
http://secunia.com/advisories/19590 - third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18267 - third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18254 - third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/19555 - third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-1029 - vendor-advisory, x_refsource_DEBIAN
https://exchange.xforce.ibmcloud.com/vulnerabilities/24052 - vdb-entry, x_refsource_XF
http://secunia.com/advisories/19628 - third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/430448/100/0/threaded - mailing-list, x_refsource_BUGTRAQ
http://www.debian.org/security/2006/dsa-1030 - vendor-advisory, x_refsource_DEBIAN
http://www.vupen.com/english/advisories/2006/1305 - vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/18276 - third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/19600 - third-party-advisory, x_refsource_SECUNIA
https://www.exploit-db.com/exploits/1663 - exploit, x_refsource_EXPLOIT-DB
http://www.vupen.com/english/advisories/2006/0103 - vdb-entry, x_refsource_VUPEN
http://secunia.com/secunia_research/2005-64/advisory/ - x_refsource_MISC
http://www.securityfocus.com/archive/1/430743/100/0/threaded - mailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/19591 - third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17418 - third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/19691 - third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/0102 - vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/0101 - vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/18233 - third-party-advisory, x_refsource_SECUNIA
http://retrogod.altervista.org/simplog_092_incl_xpl.html - x_refsource_MISC
http://www.vupen.com/english/advisories/2006/1332 - vdb-entry, x_refsource_VUPEN
http://www.osvdb.org/22291 - vdb-entry, x_refsource_OSVDB
http://www.debian.org/security/2006/dsa-1031 - vendor-advisory, x_refsource_DEBIAN
http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html - x_refsource_MISC
http://www.vupen.com/english/advisories/2006/0104 - vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/18260 - third-party-advisory, x_refsource_SECUNIA
http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml - vendor-advisory, x_refsource_GENTOO
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T16:25:33.633Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "19590",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/19590",
               },
               {
                  name: "18267",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/18267",
               },
               {
                  name: "18254",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/18254",
               },
               {
                  name: "19555",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/19555",
               },
               {
                  name: "DSA-1029",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2006/dsa-1029",
               },
               {
                  name: "adodb-tmssql-command-execution(24052)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24052",
               },
               {
                  name: "19628",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/19628",
               },
               {
                  name: "20060409 PhpOpenChat 3.0.x ADODB Server.php \"sql\" SQL injection",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/430448/100/0/threaded",
               },
               {
                  name: "DSA-1030",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2006/dsa-1030",
               },
               {
                  name: "ADV-2006-1305",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/1305",
               },
               {
                  name: "18276",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/18276",
               },
               {
                  name: "19600",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/19600",
               },
               {
                  name: "1663",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/1663",
               },
               {
                  name: "ADV-2006-0103",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/0103",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/secunia_research/2005-64/advisory/",
               },
               {
                  name: "20060412 Simplog <=0.9.2 multiple vulnerabilities",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/430743/100/0/threaded",
               },
               {
                  name: "19591",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/19591",
               },
               {
                  name: "17418",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/17418",
               },
               {
                  name: "19691",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/19691",
               },
               {
                  name: "ADV-2006-0102",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/0102",
               },
               {
                  name: "ADV-2006-0101",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/0101",
               },
               {
                  name: "18233",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/18233",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://retrogod.altervista.org/simplog_092_incl_xpl.html",
               },
               {
                  name: "ADV-2006-1332",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/1332",
               },
               {
                  name: "22291",
                  tags: [
                     "vdb-entry",
                     "x_refsource_OSVDB",
                     "x_transferred",
                  ],
                  url: "http://www.osvdb.org/22291",
               },
               {
                  name: "DSA-1031",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2006/dsa-1031",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html",
               },
               {
                  name: "ADV-2006-0104",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/0104",
               },
               {
                  name: "18260",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/18260",
               },
               {
                  name: "GLSA-200604-07",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2006-01-09T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-10-19T14:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "19590",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/19590",
            },
            {
               name: "18267",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/18267",
            },
            {
               name: "18254",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/18254",
            },
            {
               name: "19555",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/19555",
            },
            {
               name: "DSA-1029",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2006/dsa-1029",
            },
            {
               name: "adodb-tmssql-command-execution(24052)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24052",
            },
            {
               name: "19628",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/19628",
            },
            {
               name: "20060409 PhpOpenChat 3.0.x ADODB Server.php \"sql\" SQL injection",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/430448/100/0/threaded",
            },
            {
               name: "DSA-1030",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2006/dsa-1030",
            },
            {
               name: "ADV-2006-1305",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/1305",
            },
            {
               name: "18276",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/18276",
            },
            {
               name: "19600",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/19600",
            },
            {
               name: "1663",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/1663",
            },
            {
               name: "ADV-2006-0103",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/0103",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://secunia.com/secunia_research/2005-64/advisory/",
            },
            {
               name: "20060412 Simplog <=0.9.2 multiple vulnerabilities",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/430743/100/0/threaded",
            },
            {
               name: "19591",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/19591",
            },
            {
               name: "17418",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/17418",
            },
            {
               name: "19691",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/19691",
            },
            {
               name: "ADV-2006-0102",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/0102",
            },
            {
               name: "ADV-2006-0101",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/0101",
            },
            {
               name: "18233",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/18233",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://retrogod.altervista.org/simplog_092_incl_xpl.html",
            },
            {
               name: "ADV-2006-1332",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/1332",
            },
            {
               name: "22291",
               tags: [
                  "vdb-entry",
                  "x_refsource_OSVDB",
               ],
               url: "http://www.osvdb.org/22291",
            },
            {
               name: "DSA-1031",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2006/dsa-1031",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html",
            },
            {
               name: "ADV-2006-0104",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/0104",
            },
            {
               name: "18260",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/18260",
            },
            {
               name: "GLSA-200604-07",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2006-0147",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "19590",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/19590",
                  },
                  {
                     name: "18267",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/18267",
                  },
                  {
                     name: "18254",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/18254",
                  },
                  {
                     name: "19555",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/19555",
                  },
                  {
                     name: "DSA-1029",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2006/dsa-1029",
                  },
                  {
                     name: "adodb-tmssql-command-execution(24052)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24052",
                  },
                  {
                     name: "19628",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/19628",
                  },
                  {
                     name: "20060409 PhpOpenChat 3.0.x ADODB Server.php \"sql\" SQL injection",
                     refsource: "BUGTRAQ",
                     url: "http://www.securityfocus.com/archive/1/430448/100/0/threaded",
                  },
                  {
                     name: "DSA-1030",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2006/dsa-1030",
                  },
                  {
                     name: "ADV-2006-1305",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/1305",
                  },
                  {
                     name: "18276",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/18276",
                  },
                  {
                     name: "19600",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/19600",
                  },
                  {
                     name: "1663",
                     refsource: "EXPLOIT-DB",
                     url: "https://www.exploit-db.com/exploits/1663",
                  },
                  {
                     name: "ADV-2006-0103",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/0103",
                  },
                  {
                     name: "http://secunia.com/secunia_research/2005-64/advisory/",
                     refsource: "MISC",
                     url: "http://secunia.com/secunia_research/2005-64/advisory/",
                  },
                  {
                     name: "20060412 Simplog <=0.9.2 multiple vulnerabilities",
                     refsource: "BUGTRAQ",
                     url: "http://www.securityfocus.com/archive/1/430743/100/0/threaded",
                  },
                  {
                     name: "19591",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/19591",
                  },
                  {
                     name: "17418",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/17418",
                  },
                  {
                     name: "19691",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/19691",
                  },
                  {
                     name: "ADV-2006-0102",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/0102",
                  },
                  {
                     name: "ADV-2006-0101",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/0101",
                  },
                  {
                     name: "18233",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/18233",
                  },
                  {
                     name: "http://retrogod.altervista.org/simplog_092_incl_xpl.html",
                     refsource: "MISC",
                     url: "http://retrogod.altervista.org/simplog_092_incl_xpl.html",
                  },
                  {
                     name: "ADV-2006-1332",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/1332",
                  },
                  {
                     name: "22291",
                     refsource: "OSVDB",
                     url: "http://www.osvdb.org/22291",
                  },
                  {
                     name: "DSA-1031",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2006/dsa-1031",
                  },
                  {
                     name: "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html",
                     refsource: "MISC",
                     url: "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html",
                  },
                  {
                     name: "ADV-2006-0104",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/0104",
                  },
                  {
                     name: "18260",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/18260",
                  },
                  {
                     name: "GLSA-200604-07",
                     refsource: "GENTOO",
                     url: "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2006-0147",
      datePublished: "2006-01-09T23:00:00",
      dateReserved: "2006-01-09T00:00:00",
      dateUpdated: "2024-08-07T16:25:33.633Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2002-1479
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:26
Severity ?
Summary
Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users to modify databases as the Cacti user and possibly gain privileges.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-08T03:26:28.671Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20020903 Cacti security issues",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html",
               },
               {
                  name: "cacti-config-world-readable(10049)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "http://www.iss.net/security_center/static/10049.php",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt",
               },
               {
                  name: "5628",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/5628",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2002-09-03T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users to modify databases as the Cacti user and possibly gain privileges.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-07-18T14:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "20020903 Cacti security issues",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html",
            },
            {
               name: "cacti-config-world-readable(10049)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "http://www.iss.net/security_center/static/10049.php",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt",
            },
            {
               name: "5628",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/5628",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2002-1479",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users to modify databases as the Cacti user and possibly gain privileges.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20020903 Cacti security issues",
                     refsource: "BUGTRAQ",
                     url: "http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html",
                  },
                  {
                     name: "cacti-config-world-readable(10049)",
                     refsource: "XF",
                     url: "http://www.iss.net/security_center/static/10049.php",
                  },
                  {
                     name: "http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt",
                     refsource: "MISC",
                     url: "http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt",
                  },
                  {
                     name: "5628",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/5628",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2002-1479",
      datePublished: "2004-09-01T04:00:00",
      dateReserved: "2003-02-05T00:00:00",
      dateUpdated: "2024-08-08T03:26:28.671Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2007-3113
Vulnerability from cvelistv5
Published
2007-06-07 21:00
Modified
2024-08-07 14:05
Severity ?
Summary
Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_height or (2) graph_width parameter, different vectors than CVE-2007-3112.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T14:05:29.308Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://mdessus.free.fr/?p=15",
               },
               {
                  name: "26872",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/26872",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=243592",
               },
               {
                  name: "MDKSA-2007:184",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MANDRIVA",
                     "x_transferred",
                  ],
                  url: "http://www.mandriva.com/security/advisories?name=MDKSA-2007:184",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://bugs.cacti.net/view.php?id=955",
               },
               {
                  name: "25557",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/25557",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956",
               },
               {
                  name: "FEDORA-2007-2199",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://fedoranews.org/updates/FEDORA-2007-219.shtml",
               },
               {
                  name: "cacti-graphstart-graphend-dos(34747)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/34747",
               },
               {
                  name: "37019",
                  tags: [
                     "vdb-entry",
                     "x_refsource_OSVDB",
                     "x_transferred",
                  ],
                  url: "http://osvdb.org/37019",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2007-06-04T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_height or (2) graph_width parameter, different vectors than CVE-2007-3112.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-07-28T12:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://mdessus.free.fr/?p=15",
            },
            {
               name: "26872",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/26872",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=243592",
            },
            {
               name: "MDKSA-2007:184",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
               ],
               url: "http://www.mandriva.com/security/advisories?name=MDKSA-2007:184",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://bugs.cacti.net/view.php?id=955",
            },
            {
               name: "25557",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/25557",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956",
            },
            {
               name: "FEDORA-2007-2199",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://fedoranews.org/updates/FEDORA-2007-219.shtml",
            },
            {
               name: "cacti-graphstart-graphend-dos(34747)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/34747",
            },
            {
               name: "37019",
               tags: [
                  "vdb-entry",
                  "x_refsource_OSVDB",
               ],
               url: "http://osvdb.org/37019",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2007-3113",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_height or (2) graph_width parameter, different vectors than CVE-2007-3112.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://mdessus.free.fr/?p=15",
                     refsource: "MISC",
                     url: "http://mdessus.free.fr/?p=15",
                  },
                  {
                     name: "26872",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/26872",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=243592",
                     refsource: "MISC",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=243592",
                  },
                  {
                     name: "MDKSA-2007:184",
                     refsource: "MANDRIVA",
                     url: "http://www.mandriva.com/security/advisories?name=MDKSA-2007:184",
                  },
                  {
                     name: "http://bugs.cacti.net/view.php?id=955",
                     refsource: "CONFIRM",
                     url: "http://bugs.cacti.net/view.php?id=955",
                  },
                  {
                     name: "25557",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/25557",
                  },
                  {
                     name: "http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956",
                     refsource: "CONFIRM",
                     url: "http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956",
                  },
                  {
                     name: "FEDORA-2007-2199",
                     refsource: "FEDORA",
                     url: "http://fedoranews.org/updates/FEDORA-2007-219.shtml",
                  },
                  {
                     name: "cacti-graphstart-graphend-dos(34747)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/34747",
                  },
                  {
                     name: "37019",
                     refsource: "OSVDB",
                     url: "http://osvdb.org/37019",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2007-3113",
      datePublished: "2007-06-07T21:00:00",
      dateReserved: "2007-06-07T00:00:00",
      dateUpdated: "2024-08-07T14:05:29.308Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2002-1478
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:26
Severity ?
Summary
Cacti before 0.6.8 allows attackers to execute arbitrary commands via the "Data Input" option in console mode.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-08T03:26:28.632Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "DSA-164",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2002/dsa-164",
               },
               {
                  name: "20020903 Cacti security issues",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html",
               },
               {
                  name: "5630",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/5630",
               },
               {
                  name: "cacti-console-mode-commands(10050)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "http://www.iss.net/security_center/static/10050.php",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2002-09-03T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Cacti before 0.6.8 allows attackers to execute arbitrary commands via the \"Data Input\" option in console mode.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2004-08-11T00:00:00",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "DSA-164",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2002/dsa-164",
            },
            {
               name: "20020903 Cacti security issues",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html",
            },
            {
               name: "5630",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/5630",
            },
            {
               name: "cacti-console-mode-commands(10050)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "http://www.iss.net/security_center/static/10050.php",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2002-1478",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Cacti before 0.6.8 allows attackers to execute arbitrary commands via the \"Data Input\" option in console mode.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "DSA-164",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2002/dsa-164",
                  },
                  {
                     name: "20020903 Cacti security issues",
                     refsource: "BUGTRAQ",
                     url: "http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html",
                  },
                  {
                     name: "5630",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/5630",
                  },
                  {
                     name: "cacti-console-mode-commands(10050)",
                     refsource: "XF",
                     url: "http://www.iss.net/security_center/static/10050.php",
                  },
                  {
                     name: "http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt",
                     refsource: "MISC",
                     url: "http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2002-1478",
      datePublished: "2004-09-01T04:00:00",
      dateReserved: "2003-02-05T00:00:00",
      dateUpdated: "2024-08-08T03:26:28.632Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2002-1477
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:26
Severity ?
Summary
graphs.php in Cacti before 0.6.8 allows remote authenticated Cacti administrators to execute arbitrary commands via shell metacharacters in the title during edit mode.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-08T03:26:28.326Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "cacti-graph-label-commands(10048)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "http://www.iss.net/security_center/static/10048.php",
               },
               {
                  name: "DSA-164",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2002/dsa-164",
               },
               {
                  name: "20020903 Cacti security issues",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html",
               },
               {
                  name: "5627",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/5627",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2002-09-03T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "graphs.php in Cacti before 0.6.8 allows remote authenticated Cacti administrators to execute arbitrary commands via shell metacharacters in the title during edit mode.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2003-03-26T10:00:00",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "cacti-graph-label-commands(10048)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "http://www.iss.net/security_center/static/10048.php",
            },
            {
               name: "DSA-164",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2002/dsa-164",
            },
            {
               name: "20020903 Cacti security issues",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html",
            },
            {
               name: "5627",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/5627",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2002-1477",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "graphs.php in Cacti before 0.6.8 allows remote authenticated Cacti administrators to execute arbitrary commands via shell metacharacters in the title during edit mode.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "cacti-graph-label-commands(10048)",
                     refsource: "XF",
                     url: "http://www.iss.net/security_center/static/10048.php",
                  },
                  {
                     name: "DSA-164",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2002/dsa-164",
                  },
                  {
                     name: "20020903 Cacti security issues",
                     refsource: "BUGTRAQ",
                     url: "http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html",
                  },
                  {
                     name: "5627",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/5627",
                  },
                  {
                     name: "http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt",
                     refsource: "MISC",
                     url: "http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2002-1477",
      datePublished: "2004-09-01T04:00:00",
      dateReserved: "2003-02-05T00:00:00",
      dateUpdated: "2024-08-08T03:26:28.326Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2004-1736
Vulnerability from cvelistv5
Published
2005-02-26 05:00
Modified
2024-08-08 01:00
Severity ?
Summary
Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to (1) auth.php, (2) auth_login.php, (3) auth_changepassword.php, and possibly other php files, which reveal the installation path in a PHP error message.
References
http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025376.html (mailing-list, x_refsource_FULLDISC)
http://secunia.com/advisories/12308 (third-party-advisory, x_refsource_SECUNIA)
http://marc.info/?l=bugtraq&m=109272483621038&w=2 (mailing-list, x_refsource_BUGTRAQ)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17014 (vdb-entry, x_refsource_XF)
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-08T01:00:37.280Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20040816 SQL Injection in CACTI",
                  tags: [
                     "mailing-list",
                     "x_refsource_FULLDISC",
                     "x_transferred",
                  ],
                  url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025376.html",
               },
               {
                  name: "12308",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/12308",
               },
               {
                  name: "20040816 SQL Injection in CACTI",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=109272483621038&w=2",
               },
               {
                  name: "cacti-error-path-disclosure(17014)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17014",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2004-08-16T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to (1) auth.php, (2) auth_login.php, (3) auth_changepassword.php, and possibly other php files, which reveal the installation path in a PHP error message.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-07-10T14:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "20040816 SQL Injection in CACTI",
               tags: [
                  "mailing-list",
                  "x_refsource_FULLDISC",
               ],
               url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025376.html",
            },
            {
               name: "12308",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/12308",
            },
            {
               name: "20040816 SQL Injection in CACTI",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://marc.info/?l=bugtraq&m=109272483621038&w=2",
            },
            {
               name: "cacti-error-path-disclosure(17014)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17014",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2004-1736",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to (1) auth.php, (2) auth_login.php, (3) auth_changepassword.php, and possibly other php files, which reveal the installation path in a PHP error message.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20040816 SQL Injection in CACTI",
                     refsource: "FULLDISC",
                     url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025376.html",
                  },
                  {
                     name: "12308",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/12308",
                  },
                  {
                     name: "20040816 SQL Injection in CACTI",
                     refsource: "BUGTRAQ",
                     url: "http://marc.info/?l=bugtraq&m=109272483621038&w=2",
                  },
                  {
                     name: "cacti-error-path-disclosure(17014)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17014",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2004-1736",
      datePublished: "2005-02-26T05:00:00",
      dateReserved: "2005-02-26T00:00:00",
      dateUpdated: "2024-08-08T01:00:37.280Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2005-2149
Vulnerability from cvelistv5
Published
2005-07-06 04:00
Modified
2024-08-07 22:15
Severity ?
Summary
config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T22:15:37.380Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.hardened-php.net/advisory-052005.php",
               },
               {
                  name: "14130",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/14130",
               },
               {
                  name: "[cacti-announce] 20050701 Cacti 0.8.6f Released",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1",
               },
               {
                  name: "ADV-2005-0951",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2005/0951",
               },
               {
                  name: "DSA-764",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2005/dsa-764",
               },
               {
                  name: "1014361",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://securitytracker.com/id?1014361",
               },
               {
                  name: "20050702 Advisory 05/2005: Cacti Authentification/Addslashes Bypass Vulnerability",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/404040",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2005-07-01T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2006-09-07T09:00:00",
            orgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5",
            shortName: "debian",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.hardened-php.net/advisory-052005.php",
            },
            {
               name: "14130",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/14130",
            },
            {
               name: "[cacti-announce] 20050701 Cacti 0.8.6f Released",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1",
            },
            {
               name: "ADV-2005-0951",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2005/0951",
            },
            {
               name: "DSA-764",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2005/dsa-764",
            },
            {
               name: "1014361",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://securitytracker.com/id?1014361",
            },
            {
               name: "20050702 Advisory 05/2005: Cacti Authentification/Addslashes Bypass Vulnerability",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/404040",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@debian.org",
               ID: "CVE-2005-2149",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch",
                     refsource: "CONFIRM",
                     url: "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch",
                  },
                  {
                     name: "http://www.hardened-php.net/advisory-052005.php",
                     refsource: "MISC",
                     url: "http://www.hardened-php.net/advisory-052005.php",
                  },
                  {
                     name: "14130",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/14130",
                  },
                  {
                     name: "[cacti-announce] 20050701 Cacti 0.8.6f Released",
                     refsource: "MLIST",
                     url: "http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1",
                  },
                  {
                     name: "ADV-2005-0951",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2005/0951",
                  },
                  {
                     name: "DSA-764",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2005/dsa-764",
                  },
                  {
                     name: "1014361",
                     refsource: "SECTRACK",
                     url: "http://securitytracker.com/id?1014361",
                  },
                  {
                     name: "20050702 Advisory 05/2005: Cacti Authentification/Addslashes Bypass Vulnerability",
                     refsource: "BUGTRAQ",
                     url: "http://www.securityfocus.com/archive/1/404040",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5",
      assignerShortName: "debian",
      cveId: "CVE-2005-2149",
      datePublished: "2005-07-06T04:00:00",
      dateReserved: "2005-07-06T00:00:00",
      dateUpdated: "2024-08-07T22:15:37.380Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2006-6799
Vulnerability from cvelistv5
Published
2006-12-28 21:00
Modified
2024-08-07 20:42
Severity ?
Summary
SQL injection vulnerability in Cacti 0.8.6i and earlier, when register_argc_argv is enabled, allows remote attackers to execute arbitrary SQL commands via the (1) second or (2) third arguments to cmd.php. NOTE: this issue can be leveraged to execute arbitrary commands since the SQL query results are later used in the polling_items array and popen function.
References
http://www.debian.org/security/2007/dsa-1250 | vendor-advisory, x_refsource_DEBIAN
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.001.html | vendor-advisory, x_refsource_OPENPKG
http://secunia.com/advisories/23917 | third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:015 | vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/23528 | third-party-advisory, x_refsource_SECUNIA
http://securitytracker.com/id?1017451 | vdb-entry, x_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilities/31177 | vdb-entry, x_refsource_XF
http://security.gentoo.org/glsa/glsa-200701-23.xml | vendor-advisory, x_refsource_GENTOO
http://www.novell.com/linux/security/advisories/2007_07_cacti.html | vendor-advisory, x_refsource_SUSE
http://www.vupen.com/english/advisories/2006/5193 | vdb-entry, x_refsource_VUPEN
http://www.cacti.net/release_notes_0_8_6j.php | x_refsource_CONFIRM
http://secunia.com/advisories/23665 | third-party-advisory, x_refsource_SECUNIA
https://www.exploit-db.com/exploits/3029 | exploit, x_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/21799 | vdb-entry, x_refsource_BID
http://secunia.com/advisories/23941 | third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/457290/100/0/threaded | mailing-list, x_refsource_BUGTRAQ
Impacted products
Vendor Product Version
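n/a n/a Version: n/a (this record carries no structured vendor, product or version data; the affected release range, Cacti 0.8.6i and earlier, appears only in the summary text)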


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T20:42:07.143Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "DSA-1250",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2007/dsa-1250",
               },
               {
                  name: "OpenPKG-SA-2007.001",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_OPENPKG",
                     "x_transferred",
                  ],
                  url: "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.001.html",
               },
               {
                  name: "23917",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/23917",
               },
               {
                  name: "MDKSA-2007:015",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MANDRIVA",
                     "x_transferred",
                  ],
                  url: "http://www.mandriva.com/security/advisories?name=MDKSA-2007:015",
               },
               {
                  name: "23528",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/23528",
               },
               {
                  name: "1017451",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://securitytracker.com/id?1017451",
               },
               {
                  name: "cacti-cmd-sql-injection(31177)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/31177",
               },
               {
                  name: "GLSA-200701-23",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "http://security.gentoo.org/glsa/glsa-200701-23.xml",
               },
               {
                  name: "SUSE-SA:2007:007",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://www.novell.com/linux/security/advisories/2007_07_cacti.html",
               },
               {
                  name: "ADV-2006-5193",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/5193",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.cacti.net/release_notes_0_8_6j.php",
               },
               {
                  name: "23665",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/23665",
               },
               {
                  name: "3029",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/3029",
               },
               {
                  name: "21799",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/21799",
               },
               {
                  name: "23941",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/23941",
               },
               {
                  name: "20070118 Re: FW: [cacti-announce] Cacti 0.8.6j Released",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/457290/100/0/threaded",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2006-12-27T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "SQL injection vulnerability in Cacti 0.8.6i and earlier, when register_argc_argv is enabled, allows remote attackers to execute arbitrary SQL commands via the (1) second or (2) third arguments to cmd.php.  NOTE: this issue can be leveraged to execute arbitrary commands since the SQL query results are later used in the polling_items array and popen function.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-10-17T20:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "DSA-1250",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2007/dsa-1250",
            },
            {
               name: "OpenPKG-SA-2007.001",
               tags: [
                  "vendor-advisory",
                  "x_refsource_OPENPKG",
               ],
               url: "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.001.html",
            },
            {
               name: "23917",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/23917",
            },
            {
               name: "MDKSA-2007:015",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
               ],
               url: "http://www.mandriva.com/security/advisories?name=MDKSA-2007:015",
            },
            {
               name: "23528",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/23528",
            },
            {
               name: "1017451",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://securitytracker.com/id?1017451",
            },
            {
               name: "cacti-cmd-sql-injection(31177)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/31177",
            },
            {
               name: "GLSA-200701-23",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "http://security.gentoo.org/glsa/glsa-200701-23.xml",
            },
            {
               name: "SUSE-SA:2007:007",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://www.novell.com/linux/security/advisories/2007_07_cacti.html",
            },
            {
               name: "ADV-2006-5193",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/5193",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.cacti.net/release_notes_0_8_6j.php",
            },
            {
               name: "23665",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/23665",
            },
            {
               name: "3029",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/3029",
            },
            {
               name: "21799",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/21799",
            },
            {
               name: "23941",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/23941",
            },
            {
               name: "20070118 Re: FW: [cacti-announce] Cacti 0.8.6j Released",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/457290/100/0/threaded",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2006-6799",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "SQL injection vulnerability in Cacti 0.8.6i and earlier, when register_argc_argv is enabled, allows remote attackers to execute arbitrary SQL commands via the (1) second or (2) third arguments to cmd.php.  NOTE: this issue can be leveraged to execute arbitrary commands since the SQL query results are later used in the polling_items array and popen function.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "DSA-1250",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2007/dsa-1250",
                  },
                  {
                     name: "OpenPKG-SA-2007.001",
                     refsource: "OPENPKG",
                     url: "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.001.html",
                  },
                  {
                     name: "23917",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/23917",
                  },
                  {
                     name: "MDKSA-2007:015",
                     refsource: "MANDRIVA",
                     url: "http://www.mandriva.com/security/advisories?name=MDKSA-2007:015",
                  },
                  {
                     name: "23528",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/23528",
                  },
                  {
                     name: "1017451",
                     refsource: "SECTRACK",
                     url: "http://securitytracker.com/id?1017451",
                  },
                  {
                     name: "cacti-cmd-sql-injection(31177)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/31177",
                  },
                  {
                     name: "GLSA-200701-23",
                     refsource: "GENTOO",
                     url: "http://security.gentoo.org/glsa/glsa-200701-23.xml",
                  },
                  {
                     name: "SUSE-SA:2007:007",
                     refsource: "SUSE",
                     url: "http://www.novell.com/linux/security/advisories/2007_07_cacti.html",
                  },
                  {
                     name: "ADV-2006-5193",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/5193",
                  },
                  {
                     name: "http://www.cacti.net/release_notes_0_8_6j.php",
                     refsource: "CONFIRM",
                     url: "http://www.cacti.net/release_notes_0_8_6j.php",
                  },
                  {
                     name: "23665",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/23665",
                  },
                  {
                     name: "3029",
                     refsource: "EXPLOIT-DB",
                     url: "https://www.exploit-db.com/exploits/3029",
                  },
                  {
                     name: "21799",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/21799",
                  },
                  {
                     name: "23941",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/23941",
                  },
                  {
                     name: "20070118 Re: FW: [cacti-announce] Cacti 0.8.6j Released",
                     refsource: "BUGTRAQ",
                     url: "http://www.securityfocus.com/archive/1/457290/100/0/threaded",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2006-6799",
      datePublished: "2006-12-28T21:00:00",
      dateReserved: "2006-12-28T00:00:00",
      dateUpdated: "2024-08-07T20:42:07.143Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

Vulnerability from fkie_nvd
Published
2006-01-09 23:03
Modified
2025-04-03 01:03
Severity ?
Summary
The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.
References
cve@mitre.org | http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html | Exploit
cve@mitre.org | http://secunia.com/advisories/17418 | Exploit, Patch, Vendor Advisory
cve@mitre.org | http://secunia.com/advisories/18233 | Patch, Vendor Advisory
cve@mitre.org | http://secunia.com/advisories/18254 | Vendor Advisory
cve@mitre.org | http://secunia.com/advisories/18260 | Patch, Vendor Advisory
cve@mitre.org | http://secunia.com/advisories/18267 | Vendor Advisory
cve@mitre.org | http://secunia.com/advisories/18276 | Patch, Vendor Advisory
cve@mitre.org | http://secunia.com/advisories/18720 | Patch, Vendor Advisory
cve@mitre.org | http://secunia.com/advisories/19555 | Patch, Vendor Advisory
cve@mitre.org | http://secunia.com/advisories/19563 | Patch, Vendor Advisory
cve@mitre.org | http://secunia.com/advisories/19590 | Patch, Vendor Advisory
cve@mitre.org | http://secunia.com/advisories/19591 | Patch, Vendor Advisory
cve@mitre.org | http://secunia.com/advisories/19600 | Vendor Advisory
cve@mitre.org | http://secunia.com/advisories/19691 | Vendor Advisory
cve@mitre.org | http://secunia.com/advisories/19699 | Patch, Vendor Advisory
cve@mitre.org | http://secunia.com/advisories/24954 | Vendor Advisory
cve@mitre.org | http://secunia.com/secunia_research/2005-64/advisory/ | Exploit, Patch, Vendor Advisory
cve@mitre.org | http://securityreason.com/securityalert/713
cve@mitre.org | http://www.debian.org/security/2006/dsa-1029 | Patch, Vendor Advisory
cve@mitre.org | http://www.debian.org/security/2006/dsa-1030 | Patch, Vendor Advisory
cve@mitre.org | http://www.debian.org/security/2006/dsa-1031 | Patch, Vendor Advisory
cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml | Patch, Vendor Advisory
cve@mitre.org | http://www.maxdev.com/Article550.phtml | URL Repurposed
cve@mitre.org | http://www.osvdb.org/22290 | Exploit, Patch
cve@mitre.org | http://www.securityfocus.com/archive/1/423784/100/0/threaded
cve@mitre.org | http://www.securityfocus.com/archive/1/430448/100/0/threaded
cve@mitre.org | http://www.securityfocus.com/archive/1/466171/100/0/threaded
cve@mitre.org | http://www.securityfocus.com/bid/16187 | Exploit, Patch
cve@mitre.org | http://www.vupen.com/english/advisories/2006/0101 | Vendor Advisory
cve@mitre.org | http://www.vupen.com/english/advisories/2006/0102
cve@mitre.org | http://www.vupen.com/english/advisories/2006/0103 | Vendor Advisory
cve@mitre.org | http://www.vupen.com/english/advisories/2006/0104 | Vendor Advisory
cve@mitre.org | http://www.vupen.com/english/advisories/2006/0105 | Vendor Advisory
cve@mitre.org | http://www.vupen.com/english/advisories/2006/0370 | Vendor Advisory
cve@mitre.org | http://www.vupen.com/english/advisories/2006/0447 | Vendor Advisory
cve@mitre.org | http://www.vupen.com/english/advisories/2006/1304 | Vendor Advisory
cve@mitre.org | http://www.vupen.com/english/advisories/2006/1305 | Vendor Advisory
cve@mitre.org | http://www.vupen.com/english/advisories/2006/1419
cve@mitre.org | http://www.xaraya.com/index.php/news/569 | Patch
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/24051
af854a3a-2127-422b-91ae-364da2661108 | http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html | Exploit
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17418 | Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18233 | Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18254 | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18260 | Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18267 | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18276 | Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/18720 | Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19555 | Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19563 | Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19590 | Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19591 | Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19600 | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19691 | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/19699 | Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/24954 | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/secunia_research/2005-64/advisory/ | Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/713
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-1029 | Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-1030 | Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-1031 | Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml | Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://www.maxdev.com/Article550.phtml | URL Repurposed
af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/22290 | Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/423784/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/430448/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/466171/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/16187 | Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/0101 | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/0102
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/0103 | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/0104 | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/0105 | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/0370 | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/0447 | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/1304 | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/1305 | Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/1419
af854a3a-2127-422b-91ae-364da2661108http://www.xaraya.com/index.php/news/569Patch
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/24051
Impacted products



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:john_lim:adodb:4.66:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F76566C-7F49-4725-91E6-8E2416CB7F03",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:john_lim:adodb:4.68:*:*:*:*:*:*:*",
                     matchCriteriaId: "02F0F5B5-86D2-48C4-872E-3F8C38AF563C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mantis:mantis:0.19.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "AE92E018-C25C-468D-9EF5-5665F0B42EA2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mantis:mantis:1.0.0_rc4:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0C7EDA7-1BED-4152-BD3D-3A596482D9D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mediabeez:mediabeez:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE171CCD-6AEE-4FCB-9F45-C7CFDE84D6AA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:moodle:moodle:1.5.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "66BD9A00-DA61-4389-8731-B92585C2BE6C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:*:*:*:*:*:*:*",
                     matchCriteriaId: "C55DA346-A7A0-466F-90D7-CC1E7C2E9EFD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.6g:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB14AEA6-00FC-4C8B-BA57-6CA7A5519493",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.",
      },
   ],
   id: "CVE-2006-0146",
   lastModified: "2025-04-03T01:03:51.193",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 7.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: true,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2006-01-09T23:03:00.000",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
         ],
         url: "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/17418",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18233",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18254",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18260",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18267",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18276",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18720",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19555",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19563",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19590",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19591",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19600",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19691",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19699",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/24954",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/secunia_research/2005-64/advisory/",
      },
      {
         source: "cve@mitre.org",
         url: "http://securityreason.com/securityalert/713",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.debian.org/security/2006/dsa-1029",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.debian.org/security/2006/dsa-1030",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.debian.org/security/2006/dsa-1031",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "URL Repurposed",
         ],
         url: "http://www.maxdev.com/Article550.phtml",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Patch",
         ],
         url: "http://www.osvdb.org/22290",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.securityfocus.com/archive/1/423784/100/0/threaded",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.securityfocus.com/archive/1/430448/100/0/threaded",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.securityfocus.com/archive/1/466171/100/0/threaded",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Patch",
         ],
         url: "http://www.securityfocus.com/bid/16187",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2006/0101",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.vupen.com/english/advisories/2006/0102",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2006/0103",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2006/0104",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2006/0105",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2006/0370",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2006/0447",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2006/1304",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2006/1305",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.vupen.com/english/advisories/2006/1419",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
         ],
         url: "http://www.xaraya.com/index.php/news/569",
      },
      {
         source: "cve@mitre.org",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24051",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
         ],
         url: "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/17418",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18233",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18254",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18260",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18267",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18276",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18720",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19555",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19563",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19590",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19591",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19600",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19691",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19699",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/24954",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/secunia_research/2005-64/advisory/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://securityreason.com/securityalert/713",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.debian.org/security/2006/dsa-1029",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.debian.org/security/2006/dsa-1030",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.debian.org/security/2006/dsa-1031",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "URL Repurposed",
         ],
         url: "http://www.maxdev.com/Article550.phtml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Patch",
         ],
         url: "http://www.osvdb.org/22290",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/archive/1/423784/100/0/threaded",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/archive/1/430448/100/0/threaded",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/archive/1/466171/100/0/threaded",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Patch",
         ],
         url: "http://www.securityfocus.com/bid/16187",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2006/0101",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.vupen.com/english/advisories/2006/0102",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2006/0103",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2006/0104",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2006/0105",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2006/0370",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2006/0447",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2006/1304",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2006/1305",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.vupen.com/english/advisories/2006/1419",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "http://www.xaraya.com/index.php/news/569",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24051",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-89",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2005-06-22 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8.6d and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the config[library_path] parameter.
References
cve@mitre.org | http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978
cve@mitre.org | http://secunia.com/advisories/15490
cve@mitre.org | http://secunia.com/advisories/15931
cve@mitre.org | http://secunia.com/advisories/16136
cve@mitre.org | http://securitytracker.com/id?1014252
cve@mitre.org | http://www.cacti.net/release_notes_0_8_6e.php | Patch, Vendor Advisory
cve@mitre.org | http://www.debian.org/security/2005/dsa-764
cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml | Patch, Vendor Advisory
cve@mitre.org | http://www.idefense.com/application/poi/display?id=265&type=vulnerabilities&flashstatus=true | Patch, Vendor Advisory
cve@mitre.org | http://www.osvdb.org/17426
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/21118
af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/15490
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/15931
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/16136
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1014252
af854a3a-2127-422b-91ae-364da2661108 | http://www.cacti.net/release_notes_0_8_6e.php | Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-764
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml | Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://www.idefense.com/application/poi/display?id=265&type=vulnerabilities&flashstatus=true | Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/17426
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/21118



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5FAA989F-CB32-4398-8A19-0494CF421BDB",
                     versionEndIncluding: "0.8.6d",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "82F66D31-8CEF-46F5-98EB-3EABA326E003",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "88AB7EF7-FD9D-4854-8B18-9BB214E9C03E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "97372003-62C9-4981-8E8E-22C1D19333F3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "421F4C7D-A2C4-47CC-B663-4E12CD130D04",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "70A04BE7-5893-45F1-9F9A-B869E3963EAF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "59471E38-C230-43D5-9533-5B2CB327DB39",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "04D3E0EF-80B7-49E0-9DAF-3752E08AD64D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D46F997-5FE7-477A-A161-4E682579124A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "51B5B1BE-1B7D-4338-A189-C5D401AF1857",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "BFD527D7-C79F-42D5-9CB7-B5CA9B242BDA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.8a:*:*:*:*:*:*:*",
                     matchCriteriaId: "D099FE2B-13CA-447E-B5E7-75A1D407A971",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3BBF3F3-18C0-49C5-99B0-80FCD133532B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "D1896A7C-6938-494D-90A5-E10BC91EB37D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "19CD9A10-32F6-45A4-8793-87E0C2E78675",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.2a:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6EF1390-E1B5-45B0-8732-A7004351E1BF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D3D7996-E56A-4B72-864E-EC6037028351",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.3a:*:*:*:*:*:*:*",
                     matchCriteriaId: "000AE712-7298-4CA1-930B-4DF372671EDD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "CFD258DF-CB70-484C-9A6F-F9ABDB012C8C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.5a:*:*:*:*:*:*:*",
                     matchCriteriaId: "43FD0F4A-4811-4B4A-AF03-8FBC63A99CE9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8.6d and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the config[library_path] parameter.",
      },
   ],
   id: "CVE-2005-1524",
   lastModified: "2025-04-03T01:03:51.193",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2005-06-22T04:00:00.000",
   references: [
      {
         source: "cve@mitre.org",
         url: "http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/15490",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/15931",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/16136",
      },
      {
         source: "cve@mitre.org",
         url: "http://securitytracker.com/id?1014252",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.cacti.net/release_notes_0_8_6e.php",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.debian.org/security/2005/dsa-764",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.idefense.com/application/poi/display?id=265&type=vulnerabilities&flashstatus=true",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.osvdb.org/17426",
      },
      {
         source: "cve@mitre.org",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21118",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/15490",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/15931",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/16136",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://securitytracker.com/id?1014252",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.cacti.net/release_notes_0_8_6e.php",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.debian.org/security/2005/dsa-764",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.idefense.com/application/poi/display?id=265&type=vulnerabilities&flashstatus=true",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.osvdb.org/17426",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21118",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2004-08-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "88AB7EF7-FD9D-4854-8B18-9BB214E9C03E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "97372003-62C9-4981-8E8E-22C1D19333F3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "421F4C7D-A2C4-47CC-B663-4E12CD130D04",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "70A04BE7-5893-45F1-9F9A-B869E3963EAF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "59471E38-C230-43D5-9533-5B2CB327DB39",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "04D3E0EF-80B7-49E0-9DAF-3752E08AD64D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D46F997-5FE7-477A-A161-4E682579124A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "51B5B1BE-1B7D-4338-A189-C5D401AF1857",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "BFD527D7-C79F-42D5-9CB7-B5CA9B242BDA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.8a:*:*:*:*:*:*:*",
                     matchCriteriaId: "D099FE2B-13CA-447E-B5E7-75A1D407A971",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3BBF3F3-18C0-49C5-99B0-80FCD133532B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "D1896A7C-6938-494D-90A5-E10BC91EB37D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "19CD9A10-32F6-45A4-8793-87E0C2E78675",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.2a:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6EF1390-E1B5-45B0-8732-A7004351E1BF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D3D7996-E56A-4B72-864E-EC6037028351",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.3a:*:*:*:*:*:*:*",
                     matchCriteriaId: "000AE712-7298-4CA1-930B-4DF372671EDD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "CFD258DF-CB70-484C-9A6F-F9ABDB012C8C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "DFF12ADC-83AA-45FE-9678-F49D05234D39",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.5a:*:*:*:*:*:*:*",
                     matchCriteriaId: "43FD0F4A-4811-4B4A-AF03-8FBC63A99CE9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters.",
      },
   ],
   id: "CVE-2004-1737",
   lastModified: "2025-04-03T01:03:51.193",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 7.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: true,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2004-08-16T04:00:00.000",
   references: [
      {
         source: "cve@mitre.org",
         url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025376.html",
      },
      {
         source: "cve@mitre.org",
         url: "http://marc.info/?l=bugtraq&m=109272483621038&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/12308",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.gentoo.org/security/en/glsa/glsa-200408-21.xml",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.securityfocus.com/bid/10960",
      },
      {
         source: "cve@mitre.org",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17011",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025376.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://marc.info/?l=bugtraq&m=109272483621038&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/12308",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.gentoo.org/security/en/glsa/glsa-200408-21.xml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.securityfocus.com/bid/10960",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17011",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2005-06-22 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
PHP remote file inclusion vulnerability in config_settings.php in Cacti before 0.8.6e allows remote attackers to execute arbitrary PHP code via the config[include_path] parameter.
References
cve@mitre.org http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978
cve@mitre.org http://secunia.com/advisories/15490
cve@mitre.org http://secunia.com/advisories/15931
cve@mitre.org http://securitytracker.com/id?1014252
cve@mitre.org http://www.cacti.net/release_notes_0_8_6e.php (Patch, Vendor Advisory)
cve@mitre.org http://www.debian.org/security/2005/dsa-764
cve@mitre.org http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml (Patch, Vendor Advisory)
cve@mitre.org http://www.idefense.com/application/poi/display?id=266&type=vulnerabilities (Patch, Vendor Advisory)
cve@mitre.org http://www.osvdb.org/17425
cve@mitre.org http://www.securityfocus.com/bid/14028
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/21119
af854a3a-2127-422b-91ae-364da2661108 http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/15490
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/15931
af854a3a-2127-422b-91ae-364da2661108 http://securitytracker.com/id?1014252
af854a3a-2127-422b-91ae-364da2661108 http://www.cacti.net/release_notes_0_8_6e.php (Patch, Vendor Advisory)
af854a3a-2127-422b-91ae-364da2661108 http://www.debian.org/security/2005/dsa-764
af854a3a-2127-422b-91ae-364da2661108 http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml (Patch, Vendor Advisory)
af854a3a-2127-422b-91ae-364da2661108 http://www.idefense.com/application/poi/display?id=266&type=vulnerabilities (Patch, Vendor Advisory)
af854a3a-2127-422b-91ae-364da2661108 http://www.osvdb.org/17425
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/14028
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/21119



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5FAA989F-CB32-4398-8A19-0494CF421BDB",
                     versionEndIncluding: "0.8.6d",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "82F66D31-8CEF-46F5-98EB-3EABA326E003",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "88AB7EF7-FD9D-4854-8B18-9BB214E9C03E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "97372003-62C9-4981-8E8E-22C1D19333F3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "421F4C7D-A2C4-47CC-B663-4E12CD130D04",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "70A04BE7-5893-45F1-9F9A-B869E3963EAF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "59471E38-C230-43D5-9533-5B2CB327DB39",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "04D3E0EF-80B7-49E0-9DAF-3752E08AD64D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D46F997-5FE7-477A-A161-4E682579124A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "51B5B1BE-1B7D-4338-A189-C5D401AF1857",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "BFD527D7-C79F-42D5-9CB7-B5CA9B242BDA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.8a:*:*:*:*:*:*:*",
                     matchCriteriaId: "D099FE2B-13CA-447E-B5E7-75A1D407A971",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3BBF3F3-18C0-49C5-99B0-80FCD133532B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "D1896A7C-6938-494D-90A5-E10BC91EB37D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "19CD9A10-32F6-45A4-8793-87E0C2E78675",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.2a:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6EF1390-E1B5-45B0-8732-A7004351E1BF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D3D7996-E56A-4B72-864E-EC6037028351",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.3a:*:*:*:*:*:*:*",
                     matchCriteriaId: "000AE712-7298-4CA1-930B-4DF372671EDD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "CFD258DF-CB70-484C-9A6F-F9ABDB012C8C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.5a:*:*:*:*:*:*:*",
                     matchCriteriaId: "43FD0F4A-4811-4B4A-AF03-8FBC63A99CE9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "PHP remote file inclusion vulnerability in config_settings.php in Cacti before 0.8.6e allows remote attackers to execute arbitrary PHP code via the config[include_path] parameter.",
      },
   ],
   id: "CVE-2005-1526",
   lastModified: "2025-04-03T01:03:51.193",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 7.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: true,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2005-06-22T04:00:00.000",
   references: [
      {
         source: "cve@mitre.org",
         url: "http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/15490",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/15931",
      },
      {
         source: "cve@mitre.org",
         url: "http://securitytracker.com/id?1014252",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.cacti.net/release_notes_0_8_6e.php",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.debian.org/security/2005/dsa-764",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.idefense.com/application/poi/display?id=266&type=vulnerabilities",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.osvdb.org/17425",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.securityfocus.com/bid/14028",
      },
      {
         source: "cve@mitre.org",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21119",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/15490",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/15931",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://securitytracker.com/id?1014252",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.cacti.net/release_notes_0_8_6e.php",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.debian.org/security/2005/dsa-764",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.idefense.com/application/poi/display?id=266&type=vulnerabilities",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.osvdb.org/17425",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/14028",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21119",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2007-06-07 21:30
Modified
2025-04-09 00:30
Severity ?
Summary
Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_height or (2) graph_width parameter, different vectors than CVE-2007-3112.
References
cve@mitre.org http://bugs.cacti.net/view.php?id=955
cve@mitre.org http://fedoranews.org/updates/FEDORA-2007-219.shtml
cve@mitre.org http://mdessus.free.fr/?p=15
cve@mitre.org http://osvdb.org/37019
cve@mitre.org http://secunia.com/advisories/25557 (Patch, Vendor Advisory)
cve@mitre.org http://secunia.com/advisories/26872
cve@mitre.org http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956 (Patch)
cve@mitre.org http://www.mandriva.com/security/advisories?name=MDKSA-2007:184
cve@mitre.org https://bugzilla.redhat.com/show_bug.cgi?id=243592
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/34747
af854a3a-2127-422b-91ae-364da2661108 http://bugs.cacti.net/view.php?id=955
af854a3a-2127-422b-91ae-364da2661108 http://fedoranews.org/updates/FEDORA-2007-219.shtml
af854a3a-2127-422b-91ae-364da2661108 http://mdessus.free.fr/?p=15
af854a3a-2127-422b-91ae-364da2661108 http://osvdb.org/37019
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/25557 (Patch, Vendor Advisory)
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/26872
af854a3a-2127-422b-91ae-364da2661108 http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956 (Patch)
af854a3a-2127-422b-91ae-364da2661108 http://www.mandriva.com/security/advisories?name=MDKSA-2007:184
af854a3a-2127-422b-91ae-364da2661108 https://bugzilla.redhat.com/show_bug.cgi?id=243592
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/34747
Impacted products
Vendor Product Version
the_cacti_group cacti *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6D665BF-4F89-4333-81B2-0D6821E91C09",
                     versionEndIncluding: "0.8.6i",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_height or (2) graph_width parameter, different vectors than CVE-2007-3112.",
      },
      {
         lang: "es",
         value: "Cacti versión 0.8.6i, y posiblemente otras versiones, permite a usuarios remotos autenticados causar una denegación de servicio (consumo de CPU) por medio de un valor largo de un parámetro (1) graph_height o (2) graph_width, vectores diferentes de CVE-2007-3112.",
      },
   ],
   id: "CVE-2007-3113",
   lastModified: "2025-04-09T00:30:58.490",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "COMPLETE",
               baseScore: 6.8,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 8,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2007-06-07T21:30:00.000",
   references: [
      {
         source: "cve@mitre.org",
         url: "http://bugs.cacti.net/view.php?id=955",
      },
      {
         source: "cve@mitre.org",
         url: "http://fedoranews.org/updates/FEDORA-2007-219.shtml",
      },
      {
         source: "cve@mitre.org",
         url: "http://mdessus.free.fr/?p=15",
      },
      {
         source: "cve@mitre.org",
         url: "http://osvdb.org/37019",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/25557",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/26872",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
         ],
         url: "http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.mandriva.com/security/advisories?name=MDKSA-2007:184",
      },
      {
         source: "cve@mitre.org",
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=243592",
      },
      {
         source: "cve@mitre.org",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/34747",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://bugs.cacti.net/view.php?id=955",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://fedoranews.org/updates/FEDORA-2007-219.shtml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://mdessus.free.fr/?p=15",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://osvdb.org/37019",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/25557",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/26872",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.mandriva.com/security/advisories?name=MDKSA-2007:184",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=243592",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/34747",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to (1) auth.php, (2) auth_login.php, (3) auth_changepassword.php, and possibly other php files, which reveal the installation path in a PHP error message.
Impacted products
Vendor Product Version
the_cacti_group cacti 0.8.5a



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.5a:*:*:*:*:*:*:*",
                     matchCriteriaId: "43FD0F4A-4811-4B4A-AF03-8FBC63A99CE9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to (1) auth.php, (2) auth_login.php, (3) auth_changepassword.php, and possibly other php files, which reveal the installation path in a PHP error message.",
      },
   ],
   id: "CVE-2004-1736",
   lastModified: "2025-04-03T01:03:51.193",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2004-12-31T05:00:00.000",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
         ],
         url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025376.html",
      },
      {
         source: "cve@mitre.org",
         url: "http://marc.info/?l=bugtraq&m=109272483621038&w=2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
         ],
         url: "http://secunia.com/advisories/12308",
      },
      {
         source: "cve@mitre.org",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17014",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
         ],
         url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025376.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://marc.info/?l=bugtraq&m=109272483621038&w=2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
         ],
         url: "http://secunia.com/advisories/12308",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17014",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2006-12-28 21:28
Modified
2025-04-09 00:30
Severity ?
Summary
SQL injection vulnerability in Cacti 0.8.6i and earlier, when register_argc_argv is enabled, allows remote attackers to execute arbitrary SQL commands via the (1) second or (2) third arguments to cmd.php. NOTE: this issue can be leveraged to execute arbitrary commands since the SQL query results are later used in the polling_items array and popen function.
References
cve@mitre.org http://secunia.com/advisories/23528 Vendor Advisory
cve@mitre.org http://secunia.com/advisories/23665
cve@mitre.org http://secunia.com/advisories/23917
cve@mitre.org http://secunia.com/advisories/23941
cve@mitre.org http://security.gentoo.org/glsa/glsa-200701-23.xml
cve@mitre.org http://securitytracker.com/id?1017451
cve@mitre.org http://www.cacti.net/release_notes_0_8_6j.php
cve@mitre.org http://www.debian.org/security/2007/dsa-1250
cve@mitre.org http://www.mandriva.com/security/advisories?name=MDKSA-2007:015
cve@mitre.org http://www.novell.com/linux/security/advisories/2007_07_cacti.html
cve@mitre.org http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.001.html
cve@mitre.org http://www.securityfocus.com/archive/1/457290/100/0/threaded
cve@mitre.org http://www.securityfocus.com/bid/21799
cve@mitre.org http://www.vupen.com/english/advisories/2006/5193
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/31177
cve@mitre.org https://www.exploit-db.com/exploits/3029
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/23528 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/23665
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/23917
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/23941
af854a3a-2127-422b-91ae-364da2661108 http://security.gentoo.org/glsa/glsa-200701-23.xml
af854a3a-2127-422b-91ae-364da2661108 http://securitytracker.com/id?1017451
af854a3a-2127-422b-91ae-364da2661108 http://www.cacti.net/release_notes_0_8_6j.php
af854a3a-2127-422b-91ae-364da2661108 http://www.debian.org/security/2007/dsa-1250
af854a3a-2127-422b-91ae-364da2661108 http://www.mandriva.com/security/advisories?name=MDKSA-2007:015
af854a3a-2127-422b-91ae-364da2661108 http://www.novell.com/linux/security/advisories/2007_07_cacti.html
af854a3a-2127-422b-91ae-364da2661108 http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.001.html
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/457290/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/21799
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2006/5193
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/31177
af854a3a-2127-422b-91ae-364da2661108 https://www.exploit-db.com/exploits/3029
Impacted products
Vendor Product Version
the_cacti_group cacti *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6D665BF-4F89-4333-81B2-0D6821E91C09",
                     versionEndIncluding: "0.8.6i",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "SQL injection vulnerability in Cacti 0.8.6i and earlier, when register_argc_argv is enabled, allows remote attackers to execute arbitrary SQL commands via the (1) second or (2) third arguments to cmd.php.  NOTE: this issue can be leveraged to execute arbitrary commands since the SQL query results are later used in the polling_items array and popen function.",
      },
      {
         lang: "es",
         value: "Vulnerabilidad de inyección SQL en Cacti 0.8.6i y anteriores, cuando register_argc_argv está activado, permite a atacantes remotos ejecutar comandos SQL de su elección a través de los argumentos (1) segundo o (2) tercero de cmd.php. NOTA: este problema puede ser aprovechado para ejecutar comandos de su elección puesto que los resultados de la consulta SQL son utilizados posteriormente en el array polling_items y la función popen.",
      },
   ],
   id: "CVE-2006-6799",
   lastModified: "2025-04-09T00:30:58.490",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 7.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: true,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2006-12-28T21:28:00.000",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/23528",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/23665",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/23917",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/23941",
      },
      {
         source: "cve@mitre.org",
         url: "http://security.gentoo.org/glsa/glsa-200701-23.xml",
      },
      {
         source: "cve@mitre.org",
         url: "http://securitytracker.com/id?1017451",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.cacti.net/release_notes_0_8_6j.php",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.debian.org/security/2007/dsa-1250",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.mandriva.com/security/advisories?name=MDKSA-2007:015",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.novell.com/linux/security/advisories/2007_07_cacti.html",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.001.html",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.securityfocus.com/archive/1/457290/100/0/threaded",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.securityfocus.com/bid/21799",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.vupen.com/english/advisories/2006/5193",
      },
      {
         source: "cve@mitre.org",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/31177",
      },
      {
         source: "cve@mitre.org",
         url: "https://www.exploit-db.com/exploits/3029",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/23528",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/23665",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/23917",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/23941",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://security.gentoo.org/glsa/glsa-200701-23.xml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://securitytracker.com/id?1017451",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.cacti.net/release_notes_0_8_6j.php",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.debian.org/security/2007/dsa-1250",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.mandriva.com/security/advisories?name=MDKSA-2007:015",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.novell.com/linux/security/advisories/2007_07_cacti.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.001.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/archive/1/457290/100/0/threaded",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/21799",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.vupen.com/english/advisories/2006/5193",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/31177",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://www.exploit-db.com/exploits/3029",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2005-07-06 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Cacti 0.8.6e and earlier does not perform proper input validation to protect against common attacks, which allows remote attackers to execute arbitrary commands or SQL by sending a legitimate value in a POST request or cookie, then specifying the attack string in the URL, which causes the get_request_var function to return the wrong value in the $_REQUEST variable, which is cleansed while the original malicious $_GET value remains unmodified, as demonstrated in (1) graph_image.php and (2) graph.php.
References
security@debian.org http://secunia.com/advisories/15490
security@debian.org http://securitytracker.com/id?1014361
security@debian.org http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1 Patch
security@debian.org http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch Patch
security@debian.org http://www.debian.org/security/2005/dsa-764
security@debian.org http://www.hardened-php.net/advisory-032005.php Patch, Vendor Advisory
security@debian.org http://www.hardened-php.net/advisory-042005.php Patch
security@debian.org http://www.securityfocus.com/archive/1/404047/30/30/threaded
security@debian.org http://www.securityfocus.com/archive/1/404054
security@debian.org http://www.securityfocus.com/bid/14128
security@debian.org http://www.securityfocus.com/bid/14129
security@debian.org http://www.vupen.com/english/advisories/2005/0951
security@debian.org https://exchange.xforce.ibmcloud.com/vulnerabilities/21266
security@debian.org https://exchange.xforce.ibmcloud.com/vulnerabilities/21270
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/15490
af854a3a-2127-422b-91ae-364da2661108 http://securitytracker.com/id?1014361
af854a3a-2127-422b-91ae-364da2661108 http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1 Patch
af854a3a-2127-422b-91ae-364da2661108 http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch Patch
af854a3a-2127-422b-91ae-364da2661108 http://www.debian.org/security/2005/dsa-764
af854a3a-2127-422b-91ae-364da2661108 http://www.hardened-php.net/advisory-032005.php Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.hardened-php.net/advisory-042005.php Patch
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/404047/30/30/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/404054
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/14128
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/14129
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2005/0951
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/21266
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/21270



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3BBF3F3-18C0-49C5-99B0-80FCD133532B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "D1896A7C-6938-494D-90A5-E10BC91EB37D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "19CD9A10-32F6-45A4-8793-87E0C2E78675",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.2a:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6EF1390-E1B5-45B0-8732-A7004351E1BF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D3D7996-E56A-4B72-864E-EC6037028351",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.3a:*:*:*:*:*:*:*",
                     matchCriteriaId: "000AE712-7298-4CA1-930B-4DF372671EDD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "CFD258DF-CB70-484C-9A6F-F9ABDB012C8C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "DFF12ADC-83AA-45FE-9678-F49D05234D39",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.5a:*:*:*:*:*:*:*",
                     matchCriteriaId: "43FD0F4A-4811-4B4A-AF03-8FBC63A99CE9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "166938A7-2DE3-456D-BE47-6041895E2204",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.6a:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7C5ABA2-9BCB-420A-A9E3-8B590F3DD4C0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.6b:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB59E467-8AA1-4D95-B81A-2EFF6F19C34A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.6c:*:*:*:*:*:*:*",
                     matchCriteriaId: "81F29217-19A4-453D-8290-D35049E45160",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.6d:*:*:*:*:*:*:*",
                     matchCriteriaId: "B424B2E4-5F57-411D-8A69-91E8975A7D33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.6e:*:*:*:*:*:*:*",
                     matchCriteriaId: "1CAB1F6F-06D2-40C7-9D9C-0ABAADDEAC72",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Cacti 0.8.6e and earlier does not perform proper input validation to protect against common attacks, which allows remote attackers to execute arbitrary commands or SQL by sending a legitimate value in a POST request or cookie, then specifying the attack string in the URL, which causes the get_request_var function to return the wrong value in the $_REQUEST variable, which is cleansed while the original malicious $_GET value remains unmodified, as demonstrated in (1) graph_image.php and (2) graph.php.",
      },
   ],
   id: "CVE-2005-2148",
   lastModified: "2025-04-03T01:03:51.193",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 7.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: true,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2005-07-06T04:00:00.000",
   references: [
      {
         source: "security@debian.org",
         url: "http://secunia.com/advisories/15490",
      },
      {
         source: "security@debian.org",
         url: "http://securitytracker.com/id?1014361",
      },
      {
         source: "security@debian.org",
         tags: [
            "Patch",
         ],
         url: "http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1",
      },
      {
         source: "security@debian.org",
         tags: [
            "Patch",
         ],
         url: "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch",
      },
      {
         source: "security@debian.org",
         url: "http://www.debian.org/security/2005/dsa-764",
      },
      {
         source: "security@debian.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.hardened-php.net/advisory-032005.php",
      },
      {
         source: "security@debian.org",
         tags: [
            "Patch",
         ],
         url: "http://www.hardened-php.net/advisory-042005.php",
      },
      {
         source: "security@debian.org",
         url: "http://www.securityfocus.com/archive/1/404047/30/30/threaded",
      },
      {
         source: "security@debian.org",
         url: "http://www.securityfocus.com/archive/1/404054",
      },
      {
         source: "security@debian.org",
         url: "http://www.securityfocus.com/bid/14128",
      },
      {
         source: "security@debian.org",
         url: "http://www.securityfocus.com/bid/14129",
      },
      {
         source: "security@debian.org",
         url: "http://www.vupen.com/english/advisories/2005/0951",
      },
      {
         source: "security@debian.org",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21266",
      },
      {
         source: "security@debian.org",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21270",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/15490",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://securitytracker.com/id?1014361",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.debian.org/security/2005/dsa-764",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.hardened-php.net/advisory-032005.php",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "http://www.hardened-php.net/advisory-042005.php",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/archive/1/404047/30/30/threaded",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/archive/1/404054",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/14128",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/14129",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.vupen.com/english/advisories/2005/0951",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21266",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21270",
      },
   ],
   sourceIdentifier: "security@debian.org",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2005-06-22 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
SQL injection vulnerability in config_settings.php for Cacti before 0.8.6e allows remote attackers to execute arbitrary SQL commands via the id parameter.
References
cve@mitre.org http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978
cve@mitre.org http://secunia.com/advisories/15490
cve@mitre.org http://secunia.com/advisories/15931
cve@mitre.org http://securitytracker.com/id?1014252
cve@mitre.org http://www.cacti.net/release_notes_0_8_6e.php Patch, Vendor Advisory
cve@mitre.org http://www.debian.org/security/2005/dsa-764
cve@mitre.org http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml Patch, Vendor Advisory
cve@mitre.org http://www.idefense.com/application/poi/display?id=267&type=vulnerabilities&flashstatus=true Patch, Vendor Advisory
cve@mitre.org http://www.osvdb.org/17424
cve@mitre.org http://www.securityfocus.com/bid/14027
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/21120
af854a3a-2127-422b-91ae-364da2661108 http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/15490
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/15931
af854a3a-2127-422b-91ae-364da2661108 http://securitytracker.com/id?1014252
af854a3a-2127-422b-91ae-364da2661108 http://www.cacti.net/release_notes_0_8_6e.php Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.debian.org/security/2005/dsa-764
af854a3a-2127-422b-91ae-364da2661108 http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.idefense.com/application/poi/display?id=267&type=vulnerabilities&flashstatus=true Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.osvdb.org/17424
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/14027
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/21120



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5FAA989F-CB32-4398-8A19-0494CF421BDB",
                     versionEndIncluding: "0.8.6d",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "82F66D31-8CEF-46F5-98EB-3EABA326E003",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "88AB7EF7-FD9D-4854-8B18-9BB214E9C03E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "97372003-62C9-4981-8E8E-22C1D19333F3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "421F4C7D-A2C4-47CC-B663-4E12CD130D04",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "70A04BE7-5893-45F1-9F9A-B869E3963EAF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "59471E38-C230-43D5-9533-5B2CB327DB39",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "04D3E0EF-80B7-49E0-9DAF-3752E08AD64D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D46F997-5FE7-477A-A161-4E682579124A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "51B5B1BE-1B7D-4338-A189-C5D401AF1857",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "BFD527D7-C79F-42D5-9CB7-B5CA9B242BDA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.8a:*:*:*:*:*:*:*",
                     matchCriteriaId: "D099FE2B-13CA-447E-B5E7-75A1D407A971",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3BBF3F3-18C0-49C5-99B0-80FCD133532B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "D1896A7C-6938-494D-90A5-E10BC91EB37D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "19CD9A10-32F6-45A4-8793-87E0C2E78675",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.2a:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6EF1390-E1B5-45B0-8732-A7004351E1BF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D3D7996-E56A-4B72-864E-EC6037028351",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.3a:*:*:*:*:*:*:*",
                     matchCriteriaId: "000AE712-7298-4CA1-930B-4DF372671EDD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "CFD258DF-CB70-484C-9A6F-F9ABDB012C8C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.5a:*:*:*:*:*:*:*",
                     matchCriteriaId: "43FD0F4A-4811-4B4A-AF03-8FBC63A99CE9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "SQL injection vulnerability in config_settings.php for Cacti before 0.8.6e allows remote attackers to execute arbitrary SQL commands via the id parameter.",
      },
   ],
   id: "CVE-2005-1525",
   lastModified: "2025-04-03T01:03:51.193",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 7.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: true,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2005-06-22T04:00:00.000",
   references: [
      {
         source: "cve@mitre.org",
         url: "http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/15490",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/15931",
      },
      {
         source: "cve@mitre.org",
         url: "http://securitytracker.com/id?1014252",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.cacti.net/release_notes_0_8_6e.php",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.debian.org/security/2005/dsa-764",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.idefense.com/application/poi/display?id=267&type=vulnerabilities&flashstatus=true",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.osvdb.org/17424",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.securityfocus.com/bid/14027",
      },
      {
         source: "cve@mitre.org",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21120",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/15490",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/15931",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://securitytracker.com/id?1014252",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.cacti.net/release_notes_0_8_6e.php",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.debian.org/security/2005/dsa-764",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.idefense.com/application/poi/display?id=267&type=vulnerabilities&flashstatus=true",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.osvdb.org/17424",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/14027",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/21120",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2006-01-09 23:03
Modified
2025-04-03 01:03
Severity ?
Summary
Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.
References
cve@mitre.org http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html Exploit
cve@mitre.org http://retrogod.altervista.org/simplog_092_incl_xpl.html Exploit
cve@mitre.org http://secunia.com/advisories/17418 Exploit, Patch, Vendor Advisory
cve@mitre.org http://secunia.com/advisories/18233 Patch, Vendor Advisory
cve@mitre.org http://secunia.com/advisories/18254 Patch, Vendor Advisory
cve@mitre.org http://secunia.com/advisories/18260 Patch, Vendor Advisory
cve@mitre.org http://secunia.com/advisories/18267 Vendor Advisory
cve@mitre.org http://secunia.com/advisories/18276 Patch, Vendor Advisory
cve@mitre.org http://secunia.com/advisories/19555 Patch, Vendor Advisory
cve@mitre.org http://secunia.com/advisories/19590 Patch, Vendor Advisory
cve@mitre.org http://secunia.com/advisories/19591 Patch, Vendor Advisory
cve@mitre.org http://secunia.com/advisories/19600 Vendor Advisory
cve@mitre.org http://secunia.com/advisories/19628 Patch, Vendor Advisory
cve@mitre.org http://secunia.com/advisories/19691
cve@mitre.org http://secunia.com/secunia_research/2005-64/advisory/ Exploit, Patch, Vendor Advisory
cve@mitre.org http://www.debian.org/security/2006/dsa-1029 Patch, Vendor Advisory
cve@mitre.org http://www.debian.org/security/2006/dsa-1030 Patch, Vendor Advisory
cve@mitre.org http://www.debian.org/security/2006/dsa-1031
cve@mitre.org http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml Patch, Vendor Advisory
cve@mitre.org http://www.osvdb.org/22291
cve@mitre.org http://www.securityfocus.com/archive/1/430448/100/0/threaded
cve@mitre.org http://www.securityfocus.com/archive/1/430743/100/0/threaded
cve@mitre.org http://www.vupen.com/english/advisories/2006/0101
cve@mitre.org http://www.vupen.com/english/advisories/2006/0102
cve@mitre.org http://www.vupen.com/english/advisories/2006/0103
cve@mitre.org http://www.vupen.com/english/advisories/2006/0104
cve@mitre.org http://www.vupen.com/english/advisories/2006/1305
cve@mitre.org http://www.vupen.com/english/advisories/2006/1332
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/24052
cve@mitre.org https://www.exploit-db.com/exploits/1663
af854a3a-2127-422b-91ae-364da2661108 http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html Exploit
af854a3a-2127-422b-91ae-364da2661108 http://retrogod.altervista.org/simplog_092_incl_xpl.html Exploit
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/17418 Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/18233 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/18254 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/18260 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/18267 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/18276 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/19555 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/19590 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/19591 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/19600 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/19628 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/19691
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/secunia_research/2005-64/advisory/ Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.debian.org/security/2006/dsa-1029 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.debian.org/security/2006/dsa-1030 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.debian.org/security/2006/dsa-1031
af854a3a-2127-422b-91ae-364da2661108 http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.osvdb.org/22291
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/430448/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/430743/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2006/0101
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2006/0102
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2006/0103
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2006/0104
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2006/1305
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2006/1332
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/24052
af854a3a-2127-422b-91ae-364da2661108 https://www.exploit-db.com/exploits/1663
Impacted products
Vendor Product Version
john_lim adodb 4.66
john_lim adodb 4.68
mantis mantis 0.19.4
mantis mantis 1.0.0_rc4
moodle moodle 1.5.3
postnuke_software_foundation postnuke 0.761
the_cacti_group cacti 0.8.6g



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:john_lim:adodb:4.66:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F76566C-7F49-4725-91E6-8E2416CB7F03",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:john_lim:adodb:4.68:*:*:*:*:*:*:*",
                     matchCriteriaId: "02F0F5B5-86D2-48C4-872E-3F8C38AF563C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mantis:mantis:0.19.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "AE92E018-C25C-468D-9EF5-5665F0B42EA2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mantis:mantis:1.0.0_rc4:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0C7EDA7-1BED-4152-BD3D-3A596482D9D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:moodle:moodle:1.5.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "66BD9A00-DA61-4389-8731-B92585C2BE6C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:*:*:*:*:*:*:*",
                     matchCriteriaId: "C55DA346-A7A0-466F-90D7-CC1E7C2E9EFD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.6g:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB14AEA6-00FC-4C8B-BA57-6CA7A5519493",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo.",
      },
   ],
   id: "CVE-2006-0147",
   lastModified: "2025-04-03T01:03:51.193",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 7.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: true,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2006-01-09T23:03:00.000",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
         ],
         url: "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
         ],
         url: "http://retrogod.altervista.org/simplog_092_incl_xpl.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/17418",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18233",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18254",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18260",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18267",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18276",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19555",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19590",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19591",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19600",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19628",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/19691",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/secunia_research/2005-64/advisory/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.debian.org/security/2006/dsa-1029",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.debian.org/security/2006/dsa-1030",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.debian.org/security/2006/dsa-1031",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.osvdb.org/22291",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.securityfocus.com/archive/1/430448/100/0/threaded",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.securityfocus.com/archive/1/430743/100/0/threaded",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.vupen.com/english/advisories/2006/0101",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.vupen.com/english/advisories/2006/0102",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.vupen.com/english/advisories/2006/0103",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.vupen.com/english/advisories/2006/0104",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.vupen.com/english/advisories/2006/1305",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.vupen.com/english/advisories/2006/1332",
      },
      {
         source: "cve@mitre.org",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24052",
      },
      {
         source: "cve@mitre.org",
         url: "https://www.exploit-db.com/exploits/1663",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
         ],
         url: "http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
         ],
         url: "http://retrogod.altervista.org/simplog_092_incl_xpl.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/17418",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18233",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18254",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18260",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18267",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/18276",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19555",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19590",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19591",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19600",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/19628",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/19691",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/secunia_research/2005-64/advisory/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.debian.org/security/2006/dsa-1029",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.debian.org/security/2006/dsa-1030",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.debian.org/security/2006/dsa-1031",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.osvdb.org/22291",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/archive/1/430448/100/0/threaded",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/archive/1/430743/100/0/threaded",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.vupen.com/english/advisories/2006/0101",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.vupen.com/english/advisories/2006/0102",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.vupen.com/english/advisories/2006/0103",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.vupen.com/english/advisories/2006/0104",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.vupen.com/english/advisories/2006/1305",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.vupen.com/english/advisories/2006/1332",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24052",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://www.exploit-db.com/exploits/1663",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2007-06-07 21:30
Modified
2025-04-09 00:30
Severity ?
Summary
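graph_image.php in Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_start or (2) graph_end parameter, different vectors than CVE-2007-3113. (Note: the CVSS v2 vector recorded for this entry below, AV:N/AC:L/Au:N/C:N/I:N/A:C, sets authentication to NONE, which does not match the "authenticated users" wording of this summary; the 7.8 base score rests on that vector.)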
References
cve@mitre.org http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0074.html
cve@mitre.org http://bugs.cacti.net/view.php?id=955
cve@mitre.org http://fedoranews.org/updates/FEDORA-2007-219.shtml
cve@mitre.org http://mdessus.free.fr/?p=15
cve@mitre.org http://osvdb.org/37019
cve@mitre.org http://secunia.com/advisories/25557 Patch, Vendor Advisory
cve@mitre.org http://secunia.com/advisories/26872
cve@mitre.org http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956 Patch
cve@mitre.org http://www.mandriva.com/security/advisories?name=MDKSA-2007:184
cve@mitre.org https://bugzilla.redhat.com/show_bug.cgi?id=243592
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/34747
af854a3a-2127-422b-91ae-364da2661108 http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0074.html
af854a3a-2127-422b-91ae-364da2661108 http://bugs.cacti.net/view.php?id=955
af854a3a-2127-422b-91ae-364da2661108 http://fedoranews.org/updates/FEDORA-2007-219.shtml
af854a3a-2127-422b-91ae-364da2661108 http://mdessus.free.fr/?p=15
af854a3a-2127-422b-91ae-364da2661108 http://osvdb.org/37019
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/25557 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/26872
af854a3a-2127-422b-91ae-364da2661108 http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956 Patch
af854a3a-2127-422b-91ae-364da2661108 http://www.mandriva.com/security/advisories?name=MDKSA-2007:184
af854a3a-2127-422b-91ae-364da2661108 https://bugzilla.redhat.com/show_bug.cgi?id=243592
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/34747
Impacted products
Vendor Product Version
the_cacti_group cacti *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6D665BF-4F89-4333-81B2-0D6821E91C09",
                     versionEndIncluding: "0.8.6i",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "graph_image.php in Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_start or (2) graph_end parameter, different vectors than CVE-2007-3113.",
      },
      {
         lang: "es",
         value: "Cacti 0.8.6i y, posiblemente otras versiones, permite a usuarios remotos autenticados provocar una denegación de servicio (agotamiento de CPU) mediante un valor largo en los parámetros (1) graph_start o (2) graph_end.",
      },
   ],
   evaluatorSolution: "The vendor",
   id: "CVE-2007-3112",
   lastModified: "2025-04-09T00:30:58.490",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.8,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2007-06-07T21:30:00.000",
   references: [
      {
         source: "cve@mitre.org",
         url: "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0074.html",
      },
      {
         source: "cve@mitre.org",
         url: "http://bugs.cacti.net/view.php?id=955",
      },
      {
         source: "cve@mitre.org",
         url: "http://fedoranews.org/updates/FEDORA-2007-219.shtml",
      },
      {
         source: "cve@mitre.org",
         url: "http://mdessus.free.fr/?p=15",
      },
      {
         source: "cve@mitre.org",
         url: "http://osvdb.org/37019",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/25557",
      },
      {
         source: "cve@mitre.org",
         url: "http://secunia.com/advisories/26872",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
         ],
         url: "http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.mandriva.com/security/advisories?name=MDKSA-2007:184",
      },
      {
         source: "cve@mitre.org",
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=243592",
      },
      {
         source: "cve@mitre.org",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/34747",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0074.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://bugs.cacti.net/view.php?id=955",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://fedoranews.org/updates/FEDORA-2007-219.shtml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://mdessus.free.fr/?p=15",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://osvdb.org/37019",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/25557",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/26872",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.mandriva.com/security/advisories?name=MDKSA-2007:184",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=243592",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/34747",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2005-07-06 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3BBF3F3-18C0-49C5-99B0-80FCD133532B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "D1896A7C-6938-494D-90A5-E10BC91EB37D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "19CD9A10-32F6-45A4-8793-87E0C2E78675",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.2a:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6EF1390-E1B5-45B0-8732-A7004351E1BF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D3D7996-E56A-4B72-864E-EC6037028351",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.3a:*:*:*:*:*:*:*",
                     matchCriteriaId: "000AE712-7298-4CA1-930B-4DF372671EDD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "CFD258DF-CB70-484C-9A6F-F9ABDB012C8C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "DFF12ADC-83AA-45FE-9678-F49D05234D39",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.5a:*:*:*:*:*:*:*",
                     matchCriteriaId: "43FD0F4A-4811-4B4A-AF03-8FBC63A99CE9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "166938A7-2DE3-456D-BE47-6041895E2204",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.6a:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7C5ABA2-9BCB-420A-A9E3-8B590F3DD4C0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.6b:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB59E467-8AA1-4D95-B81A-2EFF6F19C34A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.6c:*:*:*:*:*:*:*",
                     matchCriteriaId: "81F29217-19A4-453D-8290-D35049E45160",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.6d:*:*:*:*:*:*:*",
                     matchCriteriaId: "B424B2E4-5F57-411D-8A69-91E8975A7D33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.8.6e:*:*:*:*:*:*:*",
                     matchCriteriaId: "1CAB1F6F-06D2-40C7-9D9C-0ABAADDEAC72",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.",
      },
   ],
   id: "CVE-2005-2149",
   lastModified: "2025-04-03T01:03:51.193",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 10,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 10,
            obtainAllPrivilege: true,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2005-07-06T04:00:00.000",
   references: [
      {
         source: "security@debian.org",
         url: "http://securitytracker.com/id?1014361",
      },
      {
         source: "security@debian.org",
         tags: [
            "Patch",
         ],
         url: "http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1",
      },
      {
         source: "security@debian.org",
         tags: [
            "Patch",
         ],
         url: "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch",
      },
      {
         source: "security@debian.org",
         url: "http://www.debian.org/security/2005/dsa-764",
      },
      {
         source: "security@debian.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.hardened-php.net/advisory-052005.php",
      },
      {
         source: "security@debian.org",
         url: "http://www.securityfocus.com/archive/1/404040",
      },
      {
         source: "security@debian.org",
         url: "http://www.securityfocus.com/bid/14130",
      },
      {
         source: "security@debian.org",
         url: "http://www.vupen.com/english/advisories/2005/0951",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://securitytracker.com/id?1014361",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
         ],
         url: "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.debian.org/security/2005/dsa-764",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.hardened-php.net/advisory-052005.php",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/archive/1/404040",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/14130",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.vupen.com/english/advisories/2005/0951",
      },
   ],
   sourceIdentifier: "security@debian.org",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2003-04-22 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
graphs.php in Cacti before 0.6.8 allows remote authenticated Cacti administrators to execute arbitrary commands via shell metacharacters in the title during edit mode.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "82F66D31-8CEF-46F5-98EB-3EABA326E003",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "88AB7EF7-FD9D-4854-8B18-9BB214E9C03E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "97372003-62C9-4981-8E8E-22C1D19333F3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "421F4C7D-A2C4-47CC-B663-4E12CD130D04",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "70A04BE7-5893-45F1-9F9A-B869E3963EAF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "59471E38-C230-43D5-9533-5B2CB327DB39",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "04D3E0EF-80B7-49E0-9DAF-3752E08AD64D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D46F997-5FE7-477A-A161-4E682579124A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "51B5B1BE-1B7D-4338-A189-C5D401AF1857",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "BFD527D7-C79F-42D5-9CB7-B5CA9B242BDA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "graphs.php in Cacti before 0.6.8 allows remote authenticated Cacti administrators to execute arbitrary commands via shell metacharacters in the title during edit mode.",
      },
      {
         lang: "es",
         value: "graphs.php en Cacti anteriores a 0.6.8 permite a administradores ejecutar comandos arbitrarios mediante metacaracteres de shell en el título durante el modo de edición.",
      },
   ],
   id: "CVE-2002-1477",
   lastModified: "2025-04-03T01:03:51.193",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 7.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: true,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2003-04-22T04:00:00.000",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.debian.org/security/2002/dsa-164",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.iss.net/security_center/static/10048.php",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "URL Repurposed",
         ],
         url: "http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.securityfocus.com/bid/5627",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.debian.org/security/2002/dsa-164",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.iss.net/security_center/static/10048.php",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "URL Repurposed",
         ],
         url: "http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/5627",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2003-04-22 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users to modify databases as the Cacti user and possibly gain privileges.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "82F66D31-8CEF-46F5-98EB-3EABA326E003",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "88AB7EF7-FD9D-4854-8B18-9BB214E9C03E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "97372003-62C9-4981-8E8E-22C1D19333F3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "421F4C7D-A2C4-47CC-B663-4E12CD130D04",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "70A04BE7-5893-45F1-9F9A-B869E3963EAF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "59471E38-C230-43D5-9533-5B2CB327DB39",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "04D3E0EF-80B7-49E0-9DAF-3752E08AD64D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D46F997-5FE7-477A-A161-4E682579124A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "51B5B1BE-1B7D-4338-A189-C5D401AF1857",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "BFD527D7-C79F-42D5-9CB7-B5CA9B242BDA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users to modify databases as the Cacti user and possibly gain privileges.",
      },
      {
         lang: "es",
         value: "Cacti anteriores a 0.6.8 almacena un nombre de usuario y contraseña de MySQL en texto plano en config.php, que tiene permiso de lectura para todo el mundo, lo que permite a usuarios locales modificar bases de datos como el usuario Cacti y posiblemente ganar privilegios.",
      },
   ],
   id: "CVE-2002-1479",
   lastModified: "2025-04-03T01:03:51.193",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.6,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: true,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2003-04-22T04:00:00.000",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.iss.net/security_center/static/10049.php",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "URL Repurposed",
         ],
         url: "http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.securityfocus.com/bid/5628",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.iss.net/security_center/static/10049.php",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "URL Repurposed",
         ],
         url: "http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.securityfocus.com/bid/5628",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2003-04-22 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Cacti before 0.6.8 allows attackers to execute arbitrary commands via the "Data Input" option in console mode.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "82F66D31-8CEF-46F5-98EB-3EABA326E003",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "88AB7EF7-FD9D-4854-8B18-9BB214E9C03E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "97372003-62C9-4981-8E8E-22C1D19333F3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "421F4C7D-A2C4-47CC-B663-4E12CD130D04",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "70A04BE7-5893-45F1-9F9A-B869E3963EAF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "59471E38-C230-43D5-9533-5B2CB327DB39",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "04D3E0EF-80B7-49E0-9DAF-3752E08AD64D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D46F997-5FE7-477A-A161-4E682579124A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "51B5B1BE-1B7D-4338-A189-C5D401AF1857",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:the_cacti_group:cacti:0.6.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "BFD527D7-C79F-42D5-9CB7-B5CA9B242BDA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Cacti before 0.6.8 allows attackers to execute arbitrary commands via the \"Data Input\" option in console mode.",
      },
      {
         lang: "es",
         value: "Cacti anteriores a 0.6.8 permite a atacantes ejecutar comandos arbitrarios mediante la opción \"Data Input\" en el modo de consola.",
      },
   ],
   id: "CVE-2002-1478",
   lastModified: "2025-04-03T01:03:51.193",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 10,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 10,
            obtainAllPrivilege: true,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2003-04-22T04:00:00.000",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.debian.org/security/2002/dsa-164",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.iss.net/security_center/static/10050.php",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "URL Repurposed",
         ],
         url: "http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.securityfocus.com/bid/5630",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.debian.org/security/2002/dsa-164",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.iss.net/security_center/static/10050.php",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "URL Repurposed",
         ],
         url: "http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://www.securityfocus.com/bid/5630",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}