Vulnerability Database
299,686
Total vulnerabilities in the database
CVE-2014-2326
Cross-site scripting (XSS) vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
| Software | From | Fixed in |
|---|---|---|
| fedoraproject / fedora | 20 | 20.x |
| fedoraproject / fedora | 19 | 19.x |
| opensuse / opensuse | 13.1 | 13.1.x |
| opensuse / opensuse | 13.2 | 13.2.x |
| cacti / cacti | 0.8.7g | 0.8.7g.x |
| debian / debian_linux | 7.0 | 7.0.x |
- http://bugs.cacti.net/view.php?id=2431
- http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131821.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131842.html
- http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html
- http://packetstormsecurity.com/files/125849/Deutsche-Telekom-CERT-Advisory-DTC-A-20140324-001.html
- http://secunia.com/advisories/57647
- http://secunia.com/advisories/59203
- http://svn.cacti.net/viewvc?view=rev&revision=7443
- http://www.debian.org/security/2014/dsa-2970
- http://www.securityfocus.com/archive/1/531588
- http://www.securityfocus.com/bid/66390
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768
- https://security.gentoo.org/glsa/201509-03
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime