VDB
GCVE-VVD-MAGEIA-2015-306
GCVE-VVD-MAGEIA-2015-306
Advisory Published
Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows
remote attackers to inject arbitrary web script or HTML via unspecified
vectors (CVE-2015-2665).
SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers
to execute arbitrary SQL commands via unspecified vectors involving a cdef
id (CVE-2015-4342).
SQL injection vulnerability in the get_hash_graph_template function in
lib/functions.php in Cacti before 0.8.8d allows remote attackers to
execute arbitrary SQL commands via the graph_template_id parameter to
graph_templates.php (CVE-2015-4454).
SQL injection vulnerability in Cacti before 0.8.8e in graphs.php
(CVE-2015-4634).
The cacti package has been updated to version 0.8.8e, which fixes this
issue, as well as other SQL injection and XSS issues and other bugs
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | cacti | 0 (affected), 0.8.8f-1.mga4 (unaffected) | — |
| Mageia | cacti | 0 (affected), 0.8.8f-1.mga5 (unaffected) | — |
Aliases
Transitive aliases
CNVD-2015-03938CVE-2013-5589CVE-2015-8604GSD-2014-5262CVE-2014-5026CNVD-2016-02215GHSA-fwvm-rfh8-pm9xEUVD-2015-4653GHSA-fc89-v9fm-mhccCVE-2014-5261OPENSUSE-SU-2024:10084-1CVE-2014-2327CVE-2016-3659EUVD-2014-2736EUVD-2013-5429GSD-2016-3172GHSA-v774-w7w7-mvrgCVE-2014-2326GHSA-v7rc-xv6x-99vcVVD-GENTOO-2014-506356GHSA-33xj-hh55-6653GSD-2016-3659EUVD-2016-4684GHSA-f4fj-5r86-7vv3VVD-GENTOO-2015-554816GHSA-3pph-g5w6-c57wBDU:2016-01051EUVD-2014-2365VVD-GENTOO-2014-519900CVE-2013-5588CVE-2016-2313VVD-GENTOO-2014-515108VVD-MAGEIA-2014-403GHSA-hqj3-mvg5-35g5EUVD-2014-2363GHSA-4frf-q9p9-gg69GHSA-pf2x-7333-7fw9GHSA-g258-xc2f-gxcjCVE-2015-8377EUVD-2014-4924VVD-MAGEIA-2016-25GHSA-fwg6-8jf8-3wh3GHSA-gpvp-6xwc-m44gEUVD-2015-8482EUVD-2014-5155CNVD-2015-03939CNVD-2015-03937CVE-2014-4002CVE-2014-2708CVE-2014-2709VVD-MAGEIA-2016-178EUVD-2014-4925VVD-MAGEIA-2016-68GSD-2015-4454CNVD-2016-02028EUVD-2014-2737EUVD-2016-3397VVD-GENTOO-2016-570984EUVD-2014-5154EUVD-2014-2364GHSA-5r75-j6jg-x3cpGHSA-h375-wfx8-8qcxEUVD-2015-2757GHSA-8975-c5xr-xccwEUVD-2016-4214VVD-GENTOO-2015-551728GHSA-j268-9gfj-xh5mCVE-2014-5025CVE-2016-3172VVD-MAGEIA-2014-302GHSA-jhrc-rcvv-9rpcEUVD-2015-8253VVD-GENTOO-2016-582996CVE-2014-2328VVD-GENTOO-2013-482424GHSA-6mcp-hm3f-5j68EUVD-2013-5428GHSA-qw2x-4966-p858EUVD-2015-4474GSD-2015-2665EUVD-2014-3934GHSA-w6fq-c949-4cc3GHSA-gfqc-77c8-mw92EUVD-2015-8260CVE-2014-5262EUVD-2015-4365CVE-2015-8369VVD-GENTOO-2015-568400GSD-2014-5261
References
Browse GCVE Records
73,040 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.