CVE-2008-0785 in Cactiinformazioni

Riassunto

di MITRE

Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the (1) graph_list parameter to graph_view.php, (2) leaf_id and id parameters to tree.php, (3) local_graph_id parameter to graph_xport.php, and (4) login_username parameter to index.php/login.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

14/02/2008

Divulgazione

14/02/2008

Moderazione

accettato

Voce

VDB-41063

CPE

pronto

CWE

CWE-89 (confermato)

Sfruttamento

Scaricare

CVSS

7.5 (NVD)

EPSS

0.03435

KEV

Attività

molto basso

Settore

Finance, Insurance, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-0785
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-0785
CVE Details	https://www.cvedetails.com/cve/CVE-2008-0785/

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you need the next level of professionalism?

Upgrade your account now!