Computer Security

CVE-2008-0785
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



CVECVE-2008-0785
StatusCandidate
DescriptionMultiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the (1) graph_list parameter to graph_view.php, (2) leaf_id and id parameters to tree.php, (3) local_graph_id parameter to graph_xport.php, and (4) login_username parameter to index.php/login.
PhaseAssigned (14.02.2008)
SecurityVulns:Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0785
ReferencesBID : 27749
 BUGTRAQ : 20080212 cacti -- Multiple security vulnerabilities have been discovered
 BUGTRAQ : 20080212 Cacti 0.8.7a Multiple Vulnerabilities
 CONFIRM : http://www.cacti.net/release_notes_0_8_7b.php
 FRSIRT : ADV-2008-0540
 SECTRACK : 1019414
 SECUNIA : 28872
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru