VulnerableCode Package Details - pkg:deb/debian/cacti@0.8.7i-1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-4ytj-s8hh-6bd5	SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter.	CVE-2011-4824
VCID-ddq2-myvr-wfgz	Cross-site request forgery (CSRF) vulnerability in logout.php in Cacti before 0.8.7i allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.	CVE-2011-5223
VCID-jmv3-vh81-zfdq	Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.	CVE-2022-48547
VCID-p2u2-5yuu-jydy	As an unauthenticated remote user, visit "http://<CACTI_SERVER>/auth_changepassword.php?ref=<script>alert(1)</script>" to successfully execute the JavaScript payload present in the "ref" URL parameter.	CVE-2021-26247

Vulnerability

Summary

Aliases

VCID-4ytj-s8hh-6bd5

SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter.

CVE-2011-4824

VCID-ddq2-myvr-wfgz

Cross-site request forgery (CSRF) vulnerability in logout.php in Cacti before 0.8.7i allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CVE-2011-5223

VCID-jmv3-vh81-zfdq

Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.

CVE-2022-48547

VCID-p2u2-5yuu-jydy

As an unauthenticated remote user, visit "http://<CACTI_SERVER>/auth_changepassword.php?ref=<script>alert(1)</script>" to successfully execute the JavaScript payload present in the "ref" URL parameter.

CVE-2021-26247

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T13:09:14.202436+00:00	Debian Importer	Fixing	VCID-p2u2-5yuu-jydy	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:37:04.233139+00:00	Debian Importer	Fixing	VCID-ddq2-myvr-wfgz	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:42:28.626448+00:00	Debian Importer	Fixing	VCID-jmv3-vh81-zfdq	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:39:43.060985+00:00	Debian Importer	Fixing	VCID-4ytj-s8hh-6bd5	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T09:02:55.235614+00:00	Debian Importer	Fixing	VCID-p2u2-5yuu-jydy	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:38:38.262582+00:00	Debian Importer	Fixing	VCID-ddq2-myvr-wfgz	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:27:19.464586+00:00	Debian Importer	Fixing	VCID-jmv3-vh81-zfdq	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:49:21.551967+00:00	Debian Importer	Fixing	VCID-4ytj-s8hh-6bd5	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-02T17:17:32.520814+00:00	Debian Importer	Fixing	VCID-p2u2-5yuu-jydy	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:15:34.151503+00:00	Debian Importer	Fixing	VCID-ddq2-myvr-wfgz	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:05:38.681686+00:00	Debian Importer	Fixing	VCID-jmv3-vh81-zfdq	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:02:16.143957+00:00	Debian Importer	Fixing	VCID-4ytj-s8hh-6bd5	https://security-tracker.debian.org/tracker/data/json	38.1.0