CVE-2015-8369
EPSS 0.50%cacti - security update
Published: 12/17/2015Modified: 3/9/2026
Description
SQL injection vulnerability in include/top_graph_header.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rra_id parameter in a properties action to graph.php.
Affected packages (3)
- Debian/cactifrom 0, < 0.8.8f+ds1-3
- Debian/cactifrom 0, < 0.8.7g-1+squeeze9+deb6u11
- Debian/cactifrom 0, < 0.8.8a+dfsg-5+deb7u7