Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Cacti — Vulnerabilities & Security Advisories 49

Browse all 49 CVE security advisories affecting Cacti. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Cacti:cacti
CVE IDTitleCVSSSeverityPublished
CVE-2023-39511 Stored Cross-Site-Scripting on reports_admin.php device name in Cacti — cactiCWE-79 6.1 Medium2023-09-06
CVE-2023-30534 Insecure Deserialization in Cacti — cactiCWE-502 4.3 Medium2023-09-05
CVE-2023-31132 Cacti Privilege Escalation — cactiCWE-306 7.8 High2023-09-05
CVE-2023-39362 Authenticated command injection in SNMP options of a Device — cactiCWE-78 7.2 High2023-09-05
CVE-2023-39364 Open redirect in change password functionality in Cacti — cactiCWE-601 3.5 Low2023-09-05
CVE-2023-39516 Stored Cross-Site-Scripting on data_sources.php debug html-block in Cacti — cactiCWE-79 6.1 Medium2023-09-05
CVE-2023-39365 Unchecked regular expressions can lead to SQL Injection and data leakage in Cacti — cactiCWE-89 4.6 Medium2023-09-05
CVE-2023-39357 A Defect in sql_save() Causes Multiple SQL Injection Vulnerabilities in Cacti — cactiCWE-89 8.8 High2023-09-05
CVE-2023-39358 Authenticated SQL injection vulnerability in reports_user.php in Cacti — cactiCWE-89 8.8 High2023-09-05
CVE-2023-39359 Authenticated SQL injection vulnerability in graphs.php in Cacti — cactiCWE-89 8.8 High2023-09-05
CVE-2023-39361 Unauthenticated SQL Injection in graph_view.php in Cacti — cactiCWE-89 9.8 Critical2023-09-05
CVE-2023-39360 Reflected Cross-site Scripting in graphs_new.php in Cacti — cactiCWE-79 6.1 Medium2023-09-05
CVE-2023-39366 Stored Cross-site Scripting in data_sources.php through Device-Name in 'select' input in Cacti — cactiCWE-79 6.1 Medium2023-09-05
CVE-2023-39510 Stored Cross-site Scripting in reports_admin.php through Device-Name in 'select' input in Cacti — cactiCWE-79 6.1 Medium2023-09-05
CVE-2023-39512 Stored Cross-site Scripting on data_sources.php device name view in Cacti — cactiCWE-79 6.1 Medium2023-09-05
CVE-2023-39513 Stored Cross-site Scripting on host.php verbose data-query debug view in Cacti — cactiCWE-79 6.1 Medium2023-09-05
CVE-2023-39515 Stored Cross-site Scripting on data_debug.php datasource path view in Cacti — cactiCWE-79 6.1 Medium2023-09-05
CVE-2023-39514 Stored Cross-site Scripting on graphs.php data template formated name view in Cacti — cactiCWE-79 6.1 Medium2023-09-05
CVE-2022-46169 Unauthenticated Command Injection — cactiCWE-74 9.8 Critical2022-12-05

This page lists every published CVE security advisory associated with Cacti. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.