CVE-2010-1431

EPSS 6.0%

cacti - missing input sanitising

發布日:2010/5/4修改日:2026/5/27

描述

SQL injection vulnerability in templates_export.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the export_item_id parameter.

受影響套件(2)

Debian/cactifrom 0, < 0.8.7e-3
Debian/cactifrom 0, < 0.8.7b-2.1+lenny2

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-1431