SQL injection vulnerability in config_settings.php for Cacti before 0.8.6e allows remote attackers to execute arbitrary SQL commands via the id parameter.
Software | From | Fixed in |
---|---|---|
the_cacti_group / cacti | - | 0.8.6d.x |
the_cacti_group / cacti | 0.5 | 0.5.x |
the_cacti_group / cacti | 0.6 | 0.6.x |
the_cacti_group / cacti | 0.6.1 | 0.6.1.x |
the_cacti_group / cacti | 0.6.2 | 0.6.2.x |
the_cacti_group / cacti | 0.6.3 | 0.6.3.x |
the_cacti_group / cacti | 0.6.4 | 0.6.4.x |
the_cacti_group / cacti | 0.6.5 | 0.6.5.x |
the_cacti_group / cacti | 0.6.6 | 0.6.6.x |
the_cacti_group / cacti | 0.6.7 | 0.6.7.x |
the_cacti_group / cacti | 0.6.8 | 0.6.8.x |
the_cacti_group / cacti | 0.6.8a | 0.6.8a.x |
the_cacti_group / cacti | 0.8 | 0.8.x |
the_cacti_group / cacti | 0.8.1 | 0.8.1.x |
the_cacti_group / cacti | 0.8.2 | 0.8.2.x |
the_cacti_group / cacti | 0.8.2a | 0.8.2a.x |
the_cacti_group / cacti | 0.8.3 | 0.8.3.x |
the_cacti_group / cacti | 0.8.3a | 0.8.3a.x |
the_cacti_group / cacti | 0.8.4 | 0.8.4.x |
the_cacti_group / cacti | 0.8.5a | 0.8.5a.x |