Описание
config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 0.8.6h-1ubuntu3.1 |
| devel | released | 0.8.6i-3 |
| edgy | released | 0.8.6h-3ubuntu0.1 |
| feisty | released | 0.8.6i-3 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
10 Critical
CVSS2
Связанные уязвимости
config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.
config.php in Cacti 0.8.6e and earlier allows remote attackers to set ...
config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.
EPSS
10 Critical
CVSS2