VDB

GCVE-110-MAGEIA-2016-178

GCVE-110-MAGEIA-2016-178
Advisory Published
Vulnetix · Advisory published May 18, 2016
Updated cacti package fixes security vulnerability: SQL injection vulnerability in tree.php in Cacti 0.8.8g and earlier allows remote authenticated users to execute arbitrary SQL commands via the parent_id parameter in an item_edit action (CVE-2016-3172). SQL injection vulnerability in graph_view.php in Cacti 0.8.8.g and earlier allows remote authenticated users to execute arbitrary SQL commands via the host_group_data parameter (CVE-2016-3659).

Affected Products

VendorProductVersionsPlatforms
Mageiacacti0 (affected), 0.8.8f-1.5.mga5 (unaffected)

Browse GCVE Records

71,925 records in the GCVE database · Updated July 13, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›