Total vulnerabilities in the database
The graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php.
Software | From | Fixed in |
---|---|---|
cacti / cacti | 0.8.7 | 0.8.7.x |
cacti / cacti | 0.8.7d | 0.8.7d.x |
cacti / cacti | 0.8.7b | 0.8.7b.x |
cacti / cacti | 0.8.6e | 0.8.6e.x |
cacti / cacti | 0.8.7a | 0.8.7a.x |
cacti / cacti | 0.8.8 | 0.8.8.x |
cacti / cacti | 0.8.8a | 0.8.8a.x |
cacti / cacti | 0.8.7c | 0.8.7c.x |
cacti / cacti | 0.8.7f | 0.8.7f.x |
cacti / cacti | 0.8.7e | 0.8.7e.x |
cacti / cacti | 0.8.7i | 0.8.7i.x |
cacti / cacti | - | 0.8.8b.x |
cacti / cacti | 0.8.7g | 0.8.7g.x |