CVE-2008-0785 in Cactiinfo

Zusammenfassung

von MITRE

Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the (1) graph_list parameter to graph_view.php, (2) leaf_id and id parameters to tree.php, (3) local_graph_id parameter to graph_xport.php, and (4) login_username parameter to index.php/login.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

14.02.2008

Veröffentlichung

14.02.2008

Moderieren

akzeptiert

Eintrag

VDB-41063

CPE

bereit

CWE

CWE-89 (bestätigt)

Exploit

Download

CVSS

7.5 (NVD)

EPSS

0.03435

KEV

nein

Aktivitäten

very low

Sektor

Insurance, Hostingprovider, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-0785
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-0785
CVE Details	https://www.cvedetails.com/cve/CVE-2008-0785/

◂ Zurück Übersicht Weiter ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!