- Home
- CVEs with nessus.description==Bonsai information security reports :
A Vulnerability has been discovered in Cacti, which can be exploited by any user to conduct SQL Injection attacks. Input passed via the 'export_item_id' parameter to 'templates_export.php' script is not properly sanitized before being used in a SQL query.
The same source also reported a command execution vulnerability. This second issue can be exploited by Cacti users who have the rights to modify device or graph configurations.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top