|
|
Subscribe / Log in / New account

cacti: two vulnerabilities

Package(s):cacti CVE #(s):CVE-2015-2665 CVE-2015-4454
Created:June 25, 2015 Updated:July 1, 2015
Description: From the Red Hat bugzilla entries:

CVE-2015-2665: Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2015-4454: SQL injection vulnerability in the get_hash_graph_template function in lib/functions.php in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via the graph_template_id parameter to graph_templates.php.

Alerts:
Fedora FEDORA-2016-4a5ce6a6c0 cacti 2016-05-04
Fedora FEDORA-2016-a8e2be0fe6 cacti 2016-05-04
Mageia MGASA-2015-0306 cacti 2015-08-10
Debian-LTS DLA-255-1 cacti 2015-06-27
Debian DSA-3295-1 cacti 2015-06-24
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds