CVE-2024-54146

High CVSS: 7.6

Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the template function of host_templates.php using the graph_template parameter. This vulnerability is fixed in 1.2.29.

Vendor

Cacti

Product

Cacti

CWE

CWE-89

Yayın Tarihi

2025-01-27 17:15:16

Güncelleme

2025-03-04 16:57:01

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-89 Cacti HIGH Cacti 2025

Referanslar

https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0 https://github.com/Cacti/cacti/security/advisories/GHSA-vj9g-p7f2-4wqj

Benzer Kayıtlar

High

CVE-2025-66399

Cacti is an open source performance and fault management framework. Prior to 1.2.29, there is an input-validation flaw i…

High

CVE-2005-10004

Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.php script. An authen…

High

CVE-2025-26520

Cacti through 1.2.29 allows SQL injection in the template function in host_templates.php via the graph_template paramete…

High

CVE-2025-24367

Cacti is an open source performance and fault management framework. An authenticated Cacti user can abuse graph creation…

Medium

CVE-2025-24368

Cacti is an open source performance and fault management framework. Some of the data stored in automation_tree_rules.php…

Critical

CVE-2025-22604

Cacti is an open source performance and fault management framework. Due to a flaw in multi-line SNMP result parser, auth…