Vulnerabilidades em Cacti
60 resultadosCVE-2023-39512MEDIUMStored Cross-site Scripting on data_sources.php device name view in CactiEPSS 0.7%CVE-2023-39515MEDIUMStored Cross-site Scripting on data_debug.php datasource path view in CactiEPSS 0.7%CVE-2023-39516MEDIUMStored Cross-Site-Scripting on data_sources.php debug html-block in CactiEPSS 0.7%CVE-2023-39511MEDIUMStored Cross-Site-Scripting on reports_admin.php device name in CactiEPSS 0.7%CVE-2024-54145MEDIUMCacti has a SQL Injection vulnerability when request automation devicesEPSS 0.7%CVE-2023-39364LOWOpen redirect in change password functionality in CactiEPSS 0.6%CVE-2024-30268MEDIUMCacti XSS vulnerability in display_settingsEPSS 0.6%CVE-2025-24368MEDIUMCacti has a SQL Injection vulnerability when using tree rules through Automation APIEPSS 0.5%CVE-2026-39948CRITICALCacti has SQL Injection via rfilter parameter in RLIKE clausesEPSS 0.5%CVE-2025-26520HIGHCacti through 1.2.29 allows SQL injection in the template function in host_templates.php via the graph_template parameter. NOTE: this issue EPSS 0.4%CVE-2026-39938CRITICALCacti: Unauthenticated RCE on Graph ImageEPSS 0.4%CVE-2023-31132HIGHCacti Privilege EscalationEPSS 0.4%CVE-2026-39893CRITICALCacti: Pre-authentication SQL injection via rfilter RLIKE clause in graph_view.phpEPSS 0.4%CVE-2026-39955CRITICALCacti has Pre-Authentication SQL Injection via unanchored FILTER_VALIDATE_REGEXP in graph_view.phpEPSS 0.3%CVE-2026-39899MEDIUMCacti: Path Traversal via filename parameter in package_import.phpEPSS 0.3%CVE-2026-39951HIGHCacti: Stored SQL Injection via graph_name_regexp in Reports featureEPSS 0.2%CVE-2026-39900MEDIUMCacti: Reflected XSS via tab parameter in auth_profile.php JavaScript contextEPSS 0.2%CVE-2026-39897MEDIUMCacti has a Reflected XSS Vulnerability via html_auth_footerEPSS 0.2%CVE-2026-40080MEDIUMCacti: Open Redirect via HTTP_REFERER substring check in auth_login_redirectEPSS 0.1%CVE-2026-39894LOWCacti: RRDtool metric shift via LC_NUMERIC locale comma decimal formattingEPSS 0.1%