CVE-2015-8377
EPSS 0.33%cacti - security update
發布日:2015/12/15修改日:2026/5/27
也稱為:DEBIAN-CVE-2015-8377
描述
SQL injection vulnerability in the host_new_graphs_save function in graphs_new.php in Cacti 0.8.8f and earlier allows remote authenticated users to execute arbitrary SQL commands via crafted serialized data in the selected_graphs_array parameter in a save action.
受影響套件(2)
- Debian/cactifrom 0, < 0.8.8f+ds1-4
- Debian/cactifrom 0, < 0.8.8a+dfsg-5+deb7u8