CVE-2015-8369

描述

SQL injection vulnerability in include/top_graph_header.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rra_id parameter in a properties action to graph.php.

受影響套件(3)

• Debian/cactifrom 0, < 0.8.8f+ds1-3
• Debian/cactifrom 0, < 0.8.7g-1+squeeze9+deb6u11
• Debian/cactifrom 0, < 0.8.8a+dfsg-5+deb7u7

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-8369