Back to search
CVE-2015-8377
Published: Dec 15, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
SQL injection vulnerability in the host_new_graphs_save function in graphs_new.php in Cacti 0.8.8f and earlier allows remote authenticated users to execute arbitrary SQL commands via crafted serialized data in the selected_graphs_array parameter in a save action.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
GLSA-201607-05
vendor-advisory
x_refsource_GENTOO
DSA-3494
vendor-advisory
x_refsource_DEBIAN
1034498
vdb-entry
x_refsource_SECTRACK
20151213 [CVE-2015-8377] Cacti graphs_new.php SQL Injection Vulnerability
mailing-list
x_refsource_FULLDISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now