| Max CVSS | 10.0 | Min CVSS | 7.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2005-2148 | 7.5 |
Cacti 0.8.6e and earlier does not perform proper input validation to protect against common attacks, which allows remote attackers to execute arbitrary commands or SQL by sending a legitimate value in a POST request or cookie, then specifying the att
|
11-07-2017 - 01:32 | 06-07-2005 - 04:00 | |
| CVE-2005-2149 | 10.0 |
config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.
|
08-03-2011 - 02:23 | 06-07-2005 - 04:00 |