Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

cacti — Vulnerabilities & Security Advisories 54

All 54 CVE vulnerabilities found in cacti, with AI-generated Chinese analysis, references, and POCs.

Vendor: The Cacti Group, Inc.

CVE IDTitleCVSSSeverityPaused
CVE-2023-49084 Local File Inclusion (RCE) in Cacti CWE-98 8.1 High2023-12-21
CVE-2023-39511 Stored Cross-Site-Scripting on reports_admin.php device name in Cacti CWE-79 6.1 Medium2023-09-06
CVE-2023-30534 Insecure Deserialization in Cacti CWE-502 4.3 Medium2023-09-05
CVE-2023-31132 Cacti Privilege Escalation CWE-306 7.8 High2023-09-05
CVE-2023-39362 Authenticated command injection in SNMP options of a Device CWE-78 7.2 High2023-09-05
CVE-2023-39364 Open redirect in change password functionality in Cacti CWE-601 3.5 Low2023-09-05
CVE-2023-39516 Stored Cross-Site-Scripting on data_sources.php debug html-block in Cacti CWE-79 6.1 Medium2023-09-05
CVE-2023-39365 Unchecked regular expressions can lead to SQL Injection and data leakage in Cacti CWE-89 4.6 Medium2023-09-05
CVE-2023-39357 A Defect in sql_save() Causes Multiple SQL Injection Vulnerabilities in Cacti CWE-89 8.8 High2023-09-05
CVE-2023-39358 Authenticated SQL injection vulnerability in reports_user.php in Cacti CWE-89 8.8 High2023-09-05
CVE-2023-39359 Authenticated SQL injection vulnerability in graphs.php in Cacti CWE-89 8.8 High2023-09-05
CVE-2023-39361 Unauthenticated SQL Injection in graph_view.php in Cacti CWE-89 9.8 Critical2023-09-05
CVE-2023-39360 Reflected Cross-site Scripting in graphs_new.php in Cacti CWE-79 6.1 Medium2023-09-05
CVE-2023-39366 Stored Cross-site Scripting in data_sources.php through Device-Name in 'select' input in Cacti CWE-79 6.1 Medium2023-09-05
CVE-2023-39510 Stored Cross-site Scripting in reports_admin.php through Device-Name in 'select' input in Cacti CWE-79 6.1 Medium2023-09-05
CVE-2023-39512 Stored Cross-site Scripting on data_sources.php device name view in Cacti CWE-79 6.1 Medium2023-09-05
CVE-2023-39513 Stored Cross-site Scripting on host.php verbose data-query debug view in Cacti CWE-79 6.1 Medium2023-09-05
CVE-2023-39515 Stored Cross-site Scripting on data_debug.php datasource path view in Cacti CWE-79 6.1 Medium2023-09-05
CVE-2023-39514 Stored Cross-site Scripting on graphs.php data template formated name view in Cacti CWE-79 6.1 Medium2023-09-05
CVE-2022-46169 Unauthenticated Command Injection CWE-74 9.8 Critical2022-12-05
CVE-2021-26247 Cacti 跨站脚本漏洞 CWE-79 6.1 -2022-01-19
CVE-2021-23225 Cacti 跨站脚本漏洞 CWE-79 5.4 -2022-01-19
CVE-2021-3816 Cacti 跨站脚本漏洞 CWE-79 5.4 -2022-01-19
CVE-2020-25706 Cacti 跨站脚本漏洞 CWE-79 5.4 Medium2020-11-12

All 54 known CVE vulnerabilities affecting cacti with full Chinese analysis, references, and POCs where available.