CVE-2008-0785
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2008-0785
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2008-0785.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2008-0785
- Related
- Published
- 2008-02-14T23:00:00Z
- Modified
- 2024-11-21T00:42:54Z
- Summary
- [none]
- Details
-
Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the (1) graphlist parameter to graphview.php, (2) leafid and id parameters to tree.php, (3) localgraphid parameter to graphxport.php, and (4) login_username parameter to index.php/login.
- References
-
- http://secunia.com/advisories/28872
- http://secunia.com/advisories/28976
- http://secunia.com/advisories/29242
- http://secunia.com/advisories/29274
- http://secunia.com/advisories/30045
- http://security.gentoo.org/glsa/glsa-200803-18.xml
- http://www.debian.org/security/2008/dsa-1569
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:052
- http://www.vupen.com/english/advisories/2008/0540
- http://www.securityfocus.com/bid/27749
- http://www.cacti.net/release_notes_0_8_7b.php
- https://bugzilla.redhat.com/show_bug.cgi?id=432758
- http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
- http://securityreason.com/securityalert/3657
- http://www.securityfocus.com/archive/1/488013/100/0/threaded
- http://www.securityfocus.com/archive/1/488018/100/0/threaded
- http://www.securitytracker.com/id?1019414
- https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html
- https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html
- https://security-tracker.debian.org/tracker/CVE-2008-0785
Affected packages
Debian:11 / cacti
Package
- Name
- cacti
- Purl
- pkg:deb/debian/cacti?arch=source
Debian:12 / cacti
Package
- Name
- cacti
- Purl
- pkg:deb/debian/cacti?arch=source
Debian:13 / cacti
Package
- Name
- cacti
- Purl
- pkg:deb/debian/cacti?arch=source