| Max CVSS | 10.0 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2005-1526 | 7.5 |
PHP remote file inclusion vulnerability in config_settings.php in Cacti before 0.8.6e allows remote attackers to execute arbitrary PHP code via the config[include_path] parameter.
|
11-07-2017 - 01:32 | 22-06-2005 - 04:00 | |
| CVE-2005-2148 | 7.5 |
Cacti 0.8.6e and earlier does not perform proper input validation to protect against common attacks, which allows remote attackers to execute arbitrary commands or SQL by sending a legitimate value in a POST request or cookie, then specifying the att
|
11-07-2017 - 01:32 | 06-07-2005 - 04:00 | |
| CVE-2005-1525 | 7.5 |
SQL injection vulnerability in config_settings.php for Cacti before 0.8.6e allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
11-07-2017 - 01:32 | 22-06-2005 - 04:00 | |
| CVE-2005-1524 | 5.0 |
PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8.6d and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the config[library_path] parameter.
|
11-07-2017 - 01:32 | 22-06-2005 - 04:00 | |
| CVE-2005-2149 | 10.0 |
config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.
|
08-03-2011 - 02:23 | 06-07-2005 - 04:00 |