CVE-2008-0785
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2008-0785
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2008-0785.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2008-0785
- Downstream
- Published
- 2008-02-14T23:00:00Z
- Modified
- 2025-08-09T19:01:29Z
- Summary
- [none]
- Details
-
Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the (1) graphlist parameter to graphview.php, (2) leafid and id parameters to tree.php, (3) localgraphid parameter to graphxport.php, and (4) login_username parameter to index.php/login.
- References
-
- http://secunia.com/advisories/28872
- http://secunia.com/advisories/28976
- http://secunia.com/advisories/29242
- http://secunia.com/advisories/29274
- http://secunia.com/advisories/30045
- http://security.gentoo.org/glsa/glsa-200803-18.xml
- http://www.debian.org/security/2008/dsa-1569
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:052
- http://www.vupen.com/english/advisories/2008/0540
- http://www.securityfocus.com/bid/27749
- http://www.cacti.net/release_notes_0_8_7b.php
- https://bugzilla.redhat.com/show_bug.cgi?id=432758
- http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
- http://securityreason.com/securityalert/3657
- http://www.securityfocus.com/archive/1/488013/100/0/threaded
- http://www.securityfocus.com/archive/1/488018/100/0/threaded
- http://www.securitytracker.com/id?1019414
- https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html
- https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html