Back to search
CVE-2014-2708
Published: Apr 10, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
Multiple SQL injection vulnerabilities in graph_xport.php in Cacti 0.8.7g, 0.8.8b, and earlier allow remote attackers to execute arbitrary SQL commands via the (1) graph_start, (2) graph_end, (3) graph_height, (4) graph_width, (5) graph_nolegend, (6) print_source, (7) local_graph_id, or (8) rra_id parameter.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
FEDORA-2014-4928
vendor-advisory
x_refsource_FEDORA
http://bugs.cacti.net/view.php?id=2405
x_refsource_CONFIRM
cacti-cve20142708-sql-injection(92278)
vdb-entry
x_refsource_XF
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768
x_refsource_CONFIRM
66555
vdb-entry
x_refsource_BID
http://svn.cacti.net/viewvc?view=rev&revision=7439
x_refsource_CONFIRM
59203
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20140401 CVE request: cacti "bug#0002405: SQL injection in graph_xport.php"
mailing-list
x_refsource_MLIST
FEDORA-2014-4892
vendor-advisory
x_refsource_FEDORA
[oss-security] 20140403 Re: CVE request: cacti "bug#0002405: SQL injection in graph_xport.php"
mailing-list
x_refsource_MLIST
57647
third-party-advisory
x_refsource_SECUNIA
DSA-2970
vendor-advisory
x_refsource_DEBIAN
https://bugzilla.redhat.com/show_bug.cgi?id=1084258
x_refsource_CONFIRM
GLSA-201509-03
vendor-advisory
x_refsource_GENTOO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now