CVE-2010-1431
EPSS 6.0%cacti - missing input sanitising
Published: 5/4/2010Modified: 5/27/2026
Description
SQL injection vulnerability in templates_export.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the export_item_id parameter.
Affected packages (2)
- Debian/cactifrom 0, < 0.8.7e-3
- Debian/cactifrom 0, < 0.8.7b-2.1+lenny2