Package Instance

reference_id

dsa-5550

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-06-25T14:25:41Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h

reference_url

reference_id

GHSA-hrg9-qqqx-wc4h

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-06-25T14:25:41Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h

reference_url	https://security.gentoo.org/glsa/202412-02
reference_id	GLSA-202412-02
reference_type
scores
url	https://security.gentoo.org/glsa/202412-02

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html

reference_id

msg00018.html

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-06-25T14:25:41Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/

reference_id

WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-06-25T14:25:41Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/

reference_id

WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-06-25T14:25:41Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2023-39515

risk_score 2.8

exploitability 0.5

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-34z4-1zqk-afcm

url VCID-3rsg-kswx-73bj

vulnerability_id VCID-3rsg-kswx-73bj

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-2967

reference_id

reference_type

scores

value	0.0032
scoring_system	epss
scoring_elements	0.54951
published_at	2026-04-01T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55054
published_at	2026-04-02T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55079
published_at	2026-04-13T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55055
published_at	2026-04-07T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55105
published_at	2026-04-08T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55104
published_at	2026-04-09T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55116
published_at	2026-04-11T12:55:00Z

value	0.0032
scoring_system	epss
scoring_elements	0.55096
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-2967

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2665
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2665

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2967
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2967

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4342
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4342

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4454
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4454

reference_url	https://security.gentoo.org/glsa/201509-03
reference_id	GLSA-201509-03
reference_type
scores
url	https://security.gentoo.org/glsa/201509-03

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8%2Bdeb8u6

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8%2Bdeb8u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8%252Bdeb8u6

url pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

purl pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8h%252Bds1-10%252Bdeb9u1

aliases CVE-2015-2967

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3rsg-kswx-73bj

url VCID-3tqy-g42y-9fef

vulnerability_id VCID-3tqy-g42y-9fef

summary A cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xml_path field

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-25706

reference_id

reference_type

scores

value	0.01458
scoring_system	epss
scoring_elements	0.80772
published_at	2026-04-01T12:55:00Z

value	0.01458
scoring_system	epss
scoring_elements	0.80781
published_at	2026-04-02T12:55:00Z

value	0.01458
scoring_system	epss
scoring_elements	0.80802
published_at	2026-04-04T12:55:00Z

value	0.01458
scoring_system	epss
scoring_elements	0.80799
published_at	2026-04-07T12:55:00Z

value	0.01458
scoring_system	epss
scoring_elements	0.80826
published_at	2026-04-08T12:55:00Z

value	0.01458
scoring_system	epss
scoring_elements	0.80835
published_at	2026-04-09T12:55:00Z

value	0.01458
scoring_system	epss
scoring_elements	0.80851
published_at	2026-04-11T12:55:00Z

value	0.01458
scoring_system	epss
scoring_elements	0.80836
published_at	2026-04-12T12:55:00Z

value	0.01458
scoring_system	epss
scoring_elements	0.80829
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-25706

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25706
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25706

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2020-25706

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3tqy-g42y-9fef

url VCID-3x9k-en7a-nkht

vulnerability_id VCID-3x9k-en7a-nkht

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://bugs.cacti.net/view.php?id=2673
reference_id
reference_type
scores
url	http://bugs.cacti.net/view.php?id=2673

reference_url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00074.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00074.html

reference_url	http://packetstormsecurity.com/files/136547/Cacti-0.8.8g-SQL-Injection.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/136547/Cacti-0.8.8g-SQL-Injection.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-3659

reference_id

reference_type

scores

value	0.00587
scoring_system	epss
scoring_elements	0.69097
published_at	2026-04-13T12:55:00Z

value	0.00587
scoring_system	epss
scoring_elements	0.69127
published_at	2026-04-12T12:55:00Z

value	0.00587
scoring_system	epss
scoring_elements	0.69032
published_at	2026-04-01T12:55:00Z

value	0.00587
scoring_system	epss
scoring_elements	0.69049
published_at	2026-04-02T12:55:00Z

value	0.00587
scoring_system	epss
scoring_elements	0.6907
published_at	2026-04-04T12:55:00Z

value	0.00587
scoring_system	epss
scoring_elements	0.69051
published_at	2026-04-07T12:55:00Z

value	0.00587
scoring_system	epss
scoring_elements	0.69101
published_at	2026-04-08T12:55:00Z

value	0.00587
scoring_system	epss
scoring_elements	0.6912
published_at	2026-04-09T12:55:00Z

value	0.00587
scoring_system	epss
scoring_elements	0.69142
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-3659

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3659
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3659

reference_url	http://seclists.org/fulldisclosure/2016/Apr/4
reference_id
reference_type
scores
url	http://seclists.org/fulldisclosure/2016/Apr/4

reference_url	http://www.securityfocus.com/bid/85806
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/85806

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820521
reference_id	820521
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820521

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-3659

reference_id

CVE-2016-3659

reference_type

scores

value	6.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-3659

reference_url	https://security.gentoo.org/glsa/201607-05
reference_id	GLSA-201607-05
reference_type
scores
url	https://security.gentoo.org/glsa/201607-05

fixed_packages

url pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

purl pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8h%252Bds1-10%252Bdeb9u1

aliases CVE-2016-3659

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3x9k-en7a-nkht

url VCID-3y7d-ujep-4ydm

vulnerability_id VCID-3y7d-ujep-4ydm

summary Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, Cacti calls `compat_password_hash` when users set their password. `compat_password_hash` use `password_hash` if there is it, else use `md5`. When verifying password, it calls `compat_password_verify`. In `compat_password_verify`, `password_verify` is called if there is it, else use `md5`. `password_verify` and `password_hash` are supported on PHP < 5.5.0, following PHP manual. The vulnerability is in `compat_password_verify`. Md5-hashed user input is compared with correct password in database by `$md5 == $hash`. It is a loose comparison, not `===`. It is a type juggling vulnerability. Version 1.2.27 contains a patch for the issue.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-34340

reference_id

reference_type

scores

value	0.00842
scoring_system	epss
scoring_elements	0.74739
published_at	2026-04-13T12:55:00Z

value	0.00842
scoring_system	epss
scoring_elements	0.74732
published_at	2026-04-08T12:55:00Z

value	0.00842
scoring_system	epss
scoring_elements	0.74747
published_at	2026-04-09T12:55:00Z

value	0.00842
scoring_system	epss
scoring_elements	0.7477
published_at	2026-04-11T12:55:00Z

value	0.00842
scoring_system	epss
scoring_elements	0.74749
published_at	2026-04-12T12:55:00Z

value	0.00842
scoring_system	epss
scoring_elements	0.74699
published_at	2026-04-02T12:55:00Z

value	0.00842
scoring_system	epss
scoring_elements	0.74726
published_at	2026-04-04T12:55:00Z

value	0.00842
scoring_system	epss
scoring_elements	0.747
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-34340

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34340
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34340

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m

reference_id

GHSA-37x7-mfjv-mm7m

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:13:47Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/

reference_id

RBEOAFKRARQHTDIYSL723XAFJ2Q6624X

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:13:47Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/

reference_url	https://usn.ubuntu.com/6969-1/
reference_id	USN-6969-1
reference_type
scores
url	https://usn.ubuntu.com/6969-1/

fixed_packages

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5

aliases CVE-2024-34340

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3y7d-ujep-4ydm

url VCID-44fx-4w2y-y3dy

vulnerability_id VCID-44fx-4w2y-y3dy

summary Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `form_save()` function in `graph_template_inputs.php` is not thoroughly checked and is used to concatenate the SQL statement in `draw_nontemplated_fields_graph_item()` function from `lib/html_form_templates.php` , finally resulting in SQL injection. Version 1.2.27 contains a patch for the issue.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-31458

reference_id

reference_type

scores

value	0.06015
scoring_system	epss
scoring_elements	0.90711
published_at	2026-04-13T12:55:00Z

value	0.06015
scoring_system	epss
scoring_elements	0.907
published_at	2026-04-08T12:55:00Z

value	0.06015
scoring_system	epss
scoring_elements	0.90705
published_at	2026-04-09T12:55:00Z

value	0.06015
scoring_system	epss
scoring_elements	0.90714
published_at	2026-04-11T12:55:00Z

value	0.06015
scoring_system	epss
scoring_elements	0.90715
published_at	2026-04-12T12:55:00Z

value	0.06015
scoring_system	epss
scoring_elements	0.9067
published_at	2026-04-02T12:55:00Z

value	0.06015
scoring_system	epss
scoring_elements	0.9068
published_at	2026-04-04T12:55:00Z

value	0.06015
scoring_system	epss
scoring_elements	0.90689
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-31458

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31458
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31458

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-jrxg-8wh8-943x

reference_id

GHSA-jrxg-8wh8-943x

reference_type

scores

value	4.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-13T17:19:29Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-jrxg-8wh8-943x

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/

reference_id

RBEOAFKRARQHTDIYSL723XAFJ2Q6624X

reference_type

scores

value	4.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-13T17:19:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/

reference_url	https://usn.ubuntu.com/6969-1/
reference_id	USN-6969-1
reference_type
scores
url	https://usn.ubuntu.com/6969-1/

fixed_packages

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5

aliases CVE-2024-31458

risk_score 2.0

exploitability 0.5

weighted_severity 4.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-44fx-4w2y-y3dy

url VCID-4twv-1yys-eban

vulnerability_id VCID-4twv-1yys-eban

summary Cacti is an open source performance and fault management framework. Due to a flaw in multi-line SNMP result parser, authenticated users can inject malformed OIDs in the response. When processed by ss_net_snmp_disk_io() or ss_net_snmp_disk_bytes(), a part of each OID will be used as a key in an array that is used as part of a system command, causing a command execution vulnerability. This vulnerability is fixed in 1.2.29.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-22604

reference_id

reference_type

scores

value	0.72211
scoring_system	epss
scoring_elements	0.98754
published_at	2026-04-13T12:55:00Z

value	0.72211
scoring_system	epss
scoring_elements	0.98749
published_at	2026-04-07T12:55:00Z

value	0.72211
scoring_system	epss
scoring_elements	0.9875
published_at	2026-04-09T12:55:00Z

value	0.72211
scoring_system	epss
scoring_elements	0.98753
published_at	2026-04-12T12:55:00Z

value	0.72211
scoring_system	epss
scoring_elements	0.98742
published_at	2026-04-02T12:55:00Z

value	0.72211
scoring_system	epss
scoring_elements	0.98746
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-22604

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22604
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22604

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094574
reference_id	1094574
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094574

reference_url

https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0

reference_id

c7e4ee798d263a3209ae6e7ba182c7b65284d8f0

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-27T18:46:22Z/

url

https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-c5j8-jxj3-hh36

reference_id

GHSA-c5j8-jxj3-hh36

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-27T18:46:22Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-c5j8-jxj3-hh36

fixed_packages

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5

aliases CVE-2025-22604

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4twv-1yys-eban

url VCID-4ytj-s8hh-6bd5

vulnerability_id VCID-4ytj-s8hh-6bd5

summary SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-4824

reference_id

reference_type

scores

value	0.03247
scoring_system	epss
scoring_elements	0.87061
published_at	2026-04-01T12:55:00Z

value	0.03247
scoring_system	epss
scoring_elements	0.87072
published_at	2026-04-02T12:55:00Z

value	0.03247
scoring_system	epss
scoring_elements	0.87091
published_at	2026-04-04T12:55:00Z

value	0.03247
scoring_system	epss
scoring_elements	0.87084
published_at	2026-04-07T12:55:00Z

value	0.03247
scoring_system	epss
scoring_elements	0.87104
published_at	2026-04-08T12:55:00Z

value	0.03247
scoring_system	epss
scoring_elements	0.87112
published_at	2026-04-09T12:55:00Z

value	0.03247
scoring_system	epss
scoring_elements	0.87125
published_at	2026-04-11T12:55:00Z

value	0.03247
scoring_system	epss
scoring_elements	0.87119
published_at	2026-04-12T12:55:00Z

value	0.03247
scoring_system	epss
scoring_elements	0.87115
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-4824

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4824

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652371
reference_id	652371
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652371

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

aliases CVE-2011-4824

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4ytj-s8hh-6bd5

url VCID-5dm9-jpwc-gkeu

vulnerability_id VCID-5dm9-jpwc-gkeu

summary

Multiple vulnerabilities have been found in Cacti, allowing
    attackers to execute arbitrary code or perform XSS attacks.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1645.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1645.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-1645

reference_id

reference_type

scores

value	0.02794
scoring_system	epss
scoring_elements	0.86094
published_at	2026-04-13T12:55:00Z

value	0.02794
scoring_system	epss
scoring_elements	0.8603
published_at	2026-04-01T12:55:00Z

value	0.02794
scoring_system	epss
scoring_elements	0.86041
published_at	2026-04-02T12:55:00Z

value	0.02794
scoring_system	epss
scoring_elements	0.86058
published_at	2026-04-04T12:55:00Z

value	0.02794
scoring_system	epss
scoring_elements	0.86057
published_at	2026-04-07T12:55:00Z

value	0.02794
scoring_system	epss
scoring_elements	0.86077
published_at	2026-04-08T12:55:00Z

value	0.02794
scoring_system	epss
scoring_elements	0.86087
published_at	2026-04-09T12:55:00Z

value	0.02794
scoring_system	epss
scoring_elements	0.86102
published_at	2026-04-11T12:55:00Z

value	0.02794
scoring_system	epss
scoring_elements	0.86099
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-1645

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1645
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1645

reference_url	http://secunia.com/advisories/41041
reference_id
reference_type
scores
url	http://secunia.com/advisories/41041

reference_url	https://rhn.redhat.com/errata/RHSA-2010-0635.html
reference_id
reference_type
scores
url	https://rhn.redhat.com/errata/RHSA-2010-0635.html

reference_url	http://svn.cacti.net/viewvc?view=rev&revision=5778
reference_id
reference_type
scores
url	http://svn.cacti.net/viewvc?view=rev&revision=5778

reference_url	http://svn.cacti.net/viewvc?view=rev&revision=5782
reference_id
reference_type
scores
url	http://svn.cacti.net/viewvc?view=rev&revision=5782

reference_url	http://svn.cacti.net/viewvc?view=rev&revision=5784
reference_id
reference_type
scores
url	http://svn.cacti.net/viewvc?view=rev&revision=5784

reference_url	http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-os-command-injection-0105.php
reference_id
reference_type
scores
url	http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-os-command-injection-0105.php

reference_url	http://www.cacti.net/release_notes_0_8_7f.php
reference_id
reference_type
scores
url	http://www.cacti.net/release_notes_0_8_7f.php

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:160
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:160

reference_url	http://www.vupen.com/english/advisories/2010/2132
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/2132

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=609115
reference_id	609115
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=609115

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.5:-::::::
reference_id	cpe:2.3:a:cacti:cacti:0.5:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.5:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.1:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.2:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.3:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.4:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.5:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.7:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.8a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.1:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.2a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.3a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.4:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.5a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6c:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6d:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6d:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6d:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6f:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6f:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6f:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6g:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6g:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6g:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6h:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6h:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6h:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6i:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6i:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6i:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6j:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6j:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6j:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6k:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6k:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6k:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7d:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-1645

reference_id

CVE-2010-1645

reference_type

scores

value	6.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2010-1645

reference_url	https://security.gentoo.org/glsa/201401-20
reference_id	GLSA-201401-20
reference_type
scores
url	https://security.gentoo.org/glsa/201401-20

fixed_packages

url pkg:deb/debian/cacti@0.8.7g-1%2Bsqueeze3

purl pkg:deb/debian/cacti@0.8.7g-1%2Bsqueeze3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-4ytj-s8hh-6bd5

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-ddq2-myvr-wfgz

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-jmv3-vh81-zfdq

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-p2u2-5yuu-jydy

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

100

vulnerability	VCID-ya95-dsw9-pfhw

101

vulnerability	VCID-ybx7-gpq4-33ha

102

vulnerability	VCID-yjny-ubdp-7few

103

vulnerability	VCID-ypan-57sx-vyam

104

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.7g-1%252Bsqueeze3

aliases CVE-2010-1645

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5dm9-jpwc-gkeu

url VCID-5ykb-6nvx-k3e4

vulnerability_id VCID-5ykb-6nvx-k3e4

summary Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-39362

reference_id

reference_type

scores

value	0.87228
scoring_system	epss
scoring_elements	0.99443
published_at	2026-04-02T12:55:00Z

value	0.87228
scoring_system	epss
scoring_elements	0.99445
published_at	2026-04-04T12:55:00Z

value	0.87228
scoring_system	epss
scoring_elements	0.99446
published_at	2026-04-07T12:55:00Z

value	0.87228
scoring_system	epss
scoring_elements	0.99447
published_at	2026-04-09T12:55:00Z

value	0.87228
scoring_system	epss
scoring_elements	0.99448
published_at	2026-04-11T12:55:00Z

value	0.87228
scoring_system	epss
scoring_elements	0.99449
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-39362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516

reference_url

http://packetstormsecurity.com/files/175029/Cacti-1.2.24-Command-Injection.html

reference_id

Cacti-1.2.24-Command-Injection.html

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-27T20:32:39Z/

url

http://packetstormsecurity.com/files/175029/Cacti-1.2.24-Command-Injection.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/

reference_id

CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-27T20:32:39Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/51740.txt
reference_id	CVE-2023-39362
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/51740.txt

reference_url

reference_id

dsa-5550

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-27T20:32:39Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-g6ff-58cj-x3cp

reference_url

reference_id

GHSA-g6ff-58cj-x3cp

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-27T20:32:39Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-g6ff-58cj-x3cp

reference_url	https://security.gentoo.org/glsa/202412-02
reference_id	GLSA-202412-02
reference_type
scores
url	https://security.gentoo.org/glsa/202412-02

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html

reference_id

msg00018.html

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-27T20:32:39Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/

reference_id

WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-27T20:32:39Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/

reference_id

WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-27T20:32:39Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2023-39362

risk_score 10.0

exploitability 2.0

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ykb-6nvx-k3e4

url VCID-6dxh-qpg7-q7g8

vulnerability_id VCID-6dxh-qpg7-q7g8

summary

Multiple vulnerabilities have been found in Cacti, allowing
    attackers to execute arbitrary code or perform XSS attacks.

references

reference_url	http://cacti.net/release_notes_0_8_7g.php
reference_id
reference_type
scores
url	http://cacti.net/release_notes_0_8_7g.php

reference_url	http://marc.info/?l=oss-security&m=127978954522586&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=oss-security&m=127978954522586&w=2

reference_url	http://marc.info/?l=oss-security&m=128017203704299&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=oss-security&m=128017203704299&w=2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2544.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2544.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2544

reference_id

reference_type

scores

value	0.06007
scoring_system	epss
scoring_elements	0.90697
published_at	2026-04-13T12:55:00Z

value	0.06007
scoring_system	epss
scoring_elements	0.90651
published_at	2026-04-01T12:55:00Z

value	0.06007
scoring_system	epss
scoring_elements	0.90656
published_at	2026-04-02T12:55:00Z

value	0.06007
scoring_system	epss
scoring_elements	0.90666
published_at	2026-04-04T12:55:00Z

value	0.06007
scoring_system	epss
scoring_elements	0.90675
published_at	2026-04-07T12:55:00Z

value	0.06007
scoring_system	epss
scoring_elements	0.90686
published_at	2026-04-08T12:55:00Z

value	0.06007
scoring_system	epss
scoring_elements	0.90691
published_at	2026-04-09T12:55:00Z

value	0.06007
scoring_system	epss
scoring_elements	0.907
published_at	2026-04-11T12:55:00Z

value	0.06007
scoring_system	epss
scoring_elements	0.90701
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2544

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2544
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2544

reference_url	http://secunia.com/advisories/41041
reference_id
reference_type
scores
url	http://secunia.com/advisories/41041

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/61226
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/61226

reference_url	https://rhn.redhat.com/errata/RHSA-2010-0635.html
reference_id
reference_type
scores
url	https://rhn.redhat.com/errata/RHSA-2010-0635.html

reference_url	http://svn.cacti.net/viewvc/cacti/branches/0.8.7/utilities.php?r1=6025&r2=6024&pathrev=6025
reference_id
reference_type
scores
url	http://svn.cacti.net/viewvc/cacti/branches/0.8.7/utilities.php?r1=6025&r2=6024&pathrev=6025

reference_url	http://svn.cacti.net/viewvc?view=rev&revision=6025
reference_id
reference_type
scores
url	http://svn.cacti.net/viewvc?view=rev&revision=6025

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:160
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:160

reference_url	http://www.securityfocus.com/bid/42575
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/42575

reference_url	http://www.vupen.com/english/advisories/2010/2132
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/2132

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=459105
reference_id	459105
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=459105

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.5:-::::::
reference_id	cpe:2.3:a:cacti:cacti:0.5:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.5:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.1:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.2:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.3:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.4:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.5:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.7:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.8a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.1:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.2a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.3a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.4:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.5a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6c:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6d:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6d:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6d:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6f:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6f:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6f:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6g:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6g:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6g:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6h:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6h:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6h:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6i:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6i:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6i:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6j:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6j:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6j:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6k:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6k:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6k:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7d:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7e:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7e:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7e:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-2544

reference_id

CVE-2010-2544

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2010-2544

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/34504.txt
reference_id	CVE-2010-2544;OSVDB-67412
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/34504.txt

reference_url	https://www.securityfocus.com/bid/42575/info
reference_id	CVE-2010-2544;OSVDB-67412
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/42575/info

reference_url	https://security.gentoo.org/glsa/201401-20
reference_id	GLSA-201401-20
reference_type
scores
url	https://security.gentoo.org/glsa/201401-20

fixed_packages

url pkg:deb/debian/cacti@0.8.7g-1%2Bsqueeze3

purl pkg:deb/debian/cacti@0.8.7g-1%2Bsqueeze3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-4ytj-s8hh-6bd5

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-ddq2-myvr-wfgz

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-jmv3-vh81-zfdq

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-p2u2-5yuu-jydy

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

100

vulnerability	VCID-ya95-dsw9-pfhw

101

vulnerability	VCID-ybx7-gpq4-33ha

102

vulnerability	VCID-yjny-ubdp-7few

103

vulnerability	VCID-ypan-57sx-vyam

104

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.7g-1%252Bsqueeze3

aliases CVE-2010-2544

risk_score 7.8

exploitability 2.0

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6dxh-qpg7-q7g8

url VCID-6n31-d4xy-d3fj

vulnerability_id VCID-6n31-d4xy-d3fj

summary A cross-site scripting vulnerability exists in Cacti 1.1.17 in the method parameter in spikekill.php.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-12927

reference_id

reference_type

scores

value	0.00519
scoring_system	epss
scoring_elements	0.66725
published_at	2026-04-01T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66763
published_at	2026-04-02T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66789
published_at	2026-04-04T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.6676
published_at	2026-04-07T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.6681
published_at	2026-04-08T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66824
published_at	2026-04-09T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66844
published_at	2026-04-11T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.6683
published_at	2026-04-12T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66798
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-12927

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12927
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12927

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872478
reference_id	872478
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872478

fixed_packages

url pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

purl pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.2%252Bds1-2%252Bdeb10u4

aliases CVE-2017-12927

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6n31-d4xy-d3fj

url VCID-6t6n-ws5n-wkay

vulnerability_id VCID-6t6n-ws5n-wkay

summary Cacti provides an operational monitoring and fault management framework. Prior to 1.2.27, some of the data stored in `form_save()` function in `data_queries.php` is not thoroughly checked and is used to concatenate the HTML statement in `grow_right_pane_tree()` function from `lib/html.php` , finally resulting in cross-site scripting. Version 1.2.27 contains a patch for the issue.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-31443

reference_id

reference_type

scores

value	0.00493
scoring_system	epss
scoring_elements	0.65708
published_at	2026-04-13T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65702
published_at	2026-04-04T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65667
published_at	2026-04-07T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65719
published_at	2026-04-08T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65731
published_at	2026-04-09T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65752
published_at	2026-04-11T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65737
published_at	2026-04-12T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65672
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-31443

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31443
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31443

reference_url

https://github.com/Cacti/cacti/commit/f946fa537d19678f938ddbd784a10e3290d275cf

reference_id

f946fa537d19678f938ddbd784a10e3290d275cf

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:21:18Z/

url

https://github.com/Cacti/cacti/commit/f946fa537d19678f938ddbd784a10e3290d275cf

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-rqc8-78cm-85j3

reference_id

GHSA-rqc8-78cm-85j3

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:21:18Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-rqc8-78cm-85j3

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/

reference_id

RBEOAFKRARQHTDIYSL723XAFJ2Q6624X

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:21:18Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/

reference_url	https://usn.ubuntu.com/6969-1/
reference_id	USN-6969-1
reference_type
scores
url	https://usn.ubuntu.com/6969-1/

fixed_packages

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5

aliases CVE-2024-31443

risk_score 2.5

exploitability 0.5

weighted_severity 5.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6t6n-ws5n-wkay

url VCID-6ze5-dqdn-ykg3

vulnerability_id VCID-6ze5-dqdn-ykg3

summary Cacti is an open source performance and fault management framework. Prior to 1.2.29, an administrator can change the `Poller Standard Error Log Path` parameter in either Installation Step 5 or in Configuration->Settings->Paths tab to a local file inside the server. Then simply going to Logs tab and selecting the name of the local file will show its content on the web UI. This vulnerability is fixed in 1.2.29.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-45598

reference_id

reference_type

scores

value	0.00063
scoring_system	epss
scoring_elements	0.19758
published_at	2026-04-02T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.1981
published_at	2026-04-04T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19532
published_at	2026-04-07T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19611
published_at	2026-04-08T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19664
published_at	2026-04-09T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19668
published_at	2026-04-11T12:55:00Z

value	0.00087
scoring_system	epss
scoring_elements	0.24993
published_at	2026-04-12T12:55:00Z

value	0.00087
scoring_system	epss
scoring_elements	0.24939
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-45598

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45598
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45598

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094574
reference_id	1094574
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094574

fixed_packages

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5

aliases CVE-2024-45598

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6ze5-dqdn-ykg3

url VCID-77tn-swar-87ec

vulnerability_id VCID-77tn-swar-87ec

summary several

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-5588

reference_id

reference_type

scores

value	0.00329
scoring_system	epss
scoring_elements	0.55772
published_at	2026-04-01T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.55884
published_at	2026-04-02T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.55906
published_at	2026-04-04T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.55885
published_at	2026-04-07T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.55935
published_at	2026-04-08T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.55938
published_at	2026-04-09T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.55947
published_at	2026-04-11T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.55927
published_at	2026-04-12T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.55909
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-5588

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5588
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5588

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5589
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5589

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8

aliases CVE-2013-5588

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-77tn-swar-87ec

url VCID-7dp4-9zks-mbgd

vulnerability_id VCID-7dp4-9zks-mbgd

summary Cacti before 1.1.37 has XSS because it makes certain htmlspecialchars calls without the ENT_QUOTES flag (these calls occur when the html_escape function in lib/html.php is not used).

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-10061

reference_id

reference_type

scores

value	0.00955
scoring_system	epss
scoring_elements	0.76368
published_at	2026-04-01T12:55:00Z

value	0.00955
scoring_system	epss
scoring_elements	0.76372
published_at	2026-04-02T12:55:00Z

value	0.00955
scoring_system	epss
scoring_elements	0.76402
published_at	2026-04-04T12:55:00Z

value	0.00955
scoring_system	epss
scoring_elements	0.76384
published_at	2026-04-07T12:55:00Z

value	0.00955
scoring_system	epss
scoring_elements	0.76416
published_at	2026-04-08T12:55:00Z

value	0.00955
scoring_system	epss
scoring_elements	0.7643
published_at	2026-04-09T12:55:00Z

value	0.00955
scoring_system	epss
scoring_elements	0.76456
published_at	2026-04-11T12:55:00Z

value	0.00955
scoring_system	epss
scoring_elements	0.76434
published_at	2026-04-12T12:55:00Z

value	0.00955
scoring_system	epss
scoring_elements	0.76428
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-10061

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10061
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10061

fixed_packages

url pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

purl pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.2%252Bds1-2%252Bdeb10u4

aliases CVE-2018-10061

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7dp4-9zks-mbgd

url VCID-7fvn-b8hn-dqeh

vulnerability_id VCID-7fvn-b8hn-dqeh

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://bugs.cacti.net/view.php?id=2667
reference_id
reference_type
scores
url	http://bugs.cacti.net/view.php?id=2667

reference_url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00074.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00074.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-3172

reference_id

reference_type

scores

value	0.00504
scoring_system	epss
scoring_elements	0.66173
published_at	2026-04-13T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66204
published_at	2026-04-12T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66099
published_at	2026-04-01T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66141
published_at	2026-04-02T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66168
published_at	2026-04-04T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66136
published_at	2026-04-07T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66185
published_at	2026-04-08T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66198
published_at	2026-04-09T12:55:00Z

value	0.00504
scoring_system	epss
scoring_elements	0.66217
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-3172

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3172
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3172

reference_url	http://www.openwall.com/lists/oss-security/2016/03/10/13
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/03/10/13

reference_url	http://www.openwall.com/lists/oss-security/2016/03/15/11
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/03/15/11

reference_url	http://www.securityfocus.com/bid/84324
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84324

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818647
reference_id	818647
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818647

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-3172

reference_id

CVE-2016-3172

reference_type

scores

value	6.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-3172

reference_url	https://security.gentoo.org/glsa/201607-05
reference_id	GLSA-201607-05
reference_type
scores
url	https://security.gentoo.org/glsa/201607-05

fixed_packages

url pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

purl pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8h%252Bds1-10%252Bdeb9u1

aliases CVE-2016-3172

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7fvn-b8hn-dqeh

url VCID-7m68-seeq-tuae

vulnerability_id VCID-7m68-seeq-tuae

summary Cacti is an open source performance and fault management framework. Some of the data stored in automation_tree_rules.php is not thoroughly checked and is used to concatenate the SQL statement in build_rule_item_filter() function from lib/api_automation.php, resulting in SQL injection. This vulnerability is fixed in 1.2.29.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-24368

reference_id

reference_type

scores

value	0.00069
scoring_system	epss
scoring_elements	0.2139
published_at	2026-04-04T12:55:00Z

value	0.00069
scoring_system	epss
scoring_elements	0.21335
published_at	2026-04-02T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29586
published_at	2026-04-13T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.2964
published_at	2026-04-08T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29678
published_at	2026-04-09T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.2968
published_at	2026-04-11T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29636
published_at	2026-04-12T12:55:00Z

value	0.00146
scoring_system	epss
scoring_elements	0.34947
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-24368

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24368
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24368

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094574
reference_id	1094574
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094574

reference_url

https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0

reference_id

c7e4ee798d263a3209ae6e7ba182c7b65284d8f0

reference_type

scores

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-27T18:53:31Z/

url

https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-f9c7-7rc3-574c

reference_id

GHSA-f9c7-7rc3-574c

reference_type

scores

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-27T18:53:31Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-f9c7-7rc3-574c

fixed_packages

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5

aliases CVE-2025-24368

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7m68-seeq-tuae

url VCID-7mht-4urq-13ek

vulnerability_id VCID-7mht-4urq-13ek

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-2665

reference_id

reference_type

scores

value	0.00432
scoring_system	epss
scoring_elements	0.62541
published_at	2026-04-01T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62599
published_at	2026-04-02T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62632
published_at	2026-04-04T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62597
published_at	2026-04-07T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62647
published_at	2026-04-08T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62663
published_at	2026-04-09T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62682
published_at	2026-04-11T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62671
published_at	2026-04-12T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62648
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-2665

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2665
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2665

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2967
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2967

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4342
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4342

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4454
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4454

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8%2Bdeb8u6

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8%2Bdeb8u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8%252Bdeb8u6

url pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

purl pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8h%252Bds1-10%252Bdeb9u1

aliases CVE-2015-2665

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7mht-4urq-13ek

url VCID-7p95-t48a-hkdb

vulnerability_id VCID-7p95-t48a-hkdb

summary Multiple vulnerabilities were discovered in Cacti.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-0784

reference_id

reference_type

scores

value	0.01639
scoring_system	epss
scoring_elements	0.81869
published_at	2026-04-01T12:55:00Z

value	0.01639
scoring_system	epss
scoring_elements	0.8188
published_at	2026-04-02T12:55:00Z

value	0.01639
scoring_system	epss
scoring_elements	0.81903
published_at	2026-04-04T12:55:00Z

value	0.01639
scoring_system	epss
scoring_elements	0.81899
published_at	2026-04-07T12:55:00Z

value	0.01639
scoring_system	epss
scoring_elements	0.81926
published_at	2026-04-08T12:55:00Z

value	0.01639
scoring_system	epss
scoring_elements	0.81932
published_at	2026-04-09T12:55:00Z

value	0.01639
scoring_system	epss
scoring_elements	0.81952
published_at	2026-04-11T12:55:00Z

value	0.01639
scoring_system	epss
scoring_elements	0.8194
published_at	2026-04-12T12:55:00Z

value	0.01639
scoring_system	epss
scoring_elements	0.81934
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-0784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0784

reference_url	https://security.gentoo.org/glsa/200803-18
reference_id	GLSA-200803-18
reference_type
scores
url	https://security.gentoo.org/glsa/200803-18

fixed_packages

url pkg:deb/debian/cacti@0.8.7b-2.1%2Blenny5

purl pkg:deb/debian/cacti@0.8.7b-2.1%2Blenny5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-4ytj-s8hh-6bd5

vulnerability	VCID-5dm9-jpwc-gkeu

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6dxh-qpg7-q7g8

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-88mp-1anp-m3g5

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-ddq2-myvr-wfgz

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-dycc-rydh-kycy

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jg8r-f76d-rke1

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-jmv3-vh81-zfdq

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-m6nf-2ppj-4fhg

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-p2u2-5yuu-jydy

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-sdme-n5ez-67fw

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

100

vulnerability	VCID-wrxa-2us4-vkf9

101

vulnerability	VCID-ws4h-295a-9qgx

102

vulnerability	VCID-x1fg-6mq4-d7ds

103

vulnerability	VCID-xbb2-av4z-m3dp

104

vulnerability	VCID-xdbp-7rtr-fyb7

105

vulnerability	VCID-xpvn-y3b8-skgb

106

vulnerability	VCID-y683-kz6e-afhv

107

vulnerability	VCID-y6jw-jm1g-ubgx

108

vulnerability	VCID-ya95-dsw9-pfhw

109

vulnerability	VCID-ybx7-gpq4-33ha

110

vulnerability	VCID-yjny-ubdp-7few

111

vulnerability	VCID-ypan-57sx-vyam

112

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.7b-2.1%252Blenny5

aliases CVE-2008-0784

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7p95-t48a-hkdb

url VCID-85gc-u991-z3dw

vulnerability_id VCID-85gc-u991-z3dw

summary Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web server. The vulnerability is located within the `import_package()` function defined into the `/lib/import.php` script. The function blindly trusts the filename and file content provided within the XML data, and writes such files into the Cacti base path (or even outside, since path traversal sequences are not filtered). This can be exploited to write or overwrite arbitrary files on the web server, leading to execution of arbitrary PHP code or other security impacts. Version 1.2.27 contains a patch for this issue.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-25641

reference_id

reference_type

scores

value	0.88383
scoring_system	epss
scoring_elements	0.99491
published_at	2026-04-02T12:55:00Z

value	0.88383
scoring_system	epss
scoring_elements	0.99498
published_at	2026-04-13T12:55:00Z

value	0.88383
scoring_system	epss
scoring_elements	0.99497
published_at	2026-04-09T12:55:00Z

value	0.88383
scoring_system	epss
scoring_elements	0.99496
published_at	2026-04-08T12:55:00Z

value	0.88383
scoring_system	epss
scoring_elements	0.99495
published_at	2026-04-07T12:55:00Z

value	0.88383
scoring_system	epss
scoring_elements	0.99493
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-25641

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25641
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25641

reference_url

http://seclists.org/fulldisclosure/2024/May/6

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-17T04:00:38Z/

url

http://seclists.org/fulldisclosure/2024/May/6

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52225.txt
reference_id	CVE-2024-25641
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52225.txt

reference_url

https://github.com/Cacti/cacti/commit/eff35b0ff26cc27c82d7880469ed6d5e3bef6210

reference_id

eff35b0ff26cc27c82d7880469ed6d5e3bef6210

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-17T04:00:38Z/

url

https://github.com/Cacti/cacti/commit/eff35b0ff26cc27c82d7880469ed6d5e3bef6210

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88

reference_id

GHSA-7cmj-g5qc-pj88

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-17T04:00:38Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/

reference_id

RBEOAFKRARQHTDIYSL723XAFJ2Q6624X

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-17T04:00:38Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/

reference_url	https://usn.ubuntu.com/6969-1/
reference_id	USN-6969-1
reference_type
scores
url	https://usn.ubuntu.com/6969-1/

fixed_packages

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5

aliases CVE-2024-25641

risk_score 10.0

exploitability 2.0

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-85gc-u991-z3dw

url VCID-86gq-jsgy-8uep

vulnerability_id VCID-86gq-jsgy-8uep

summary Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the "new_username" field during creation of a new user via "Copy" method at user_admin.php.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-23225

reference_id

reference_type

scores

value	0.00488
scoring_system	epss
scoring_elements	0.6539
published_at	2026-04-01T12:55:00Z

value	0.00488
scoring_system	epss
scoring_elements	0.65438
published_at	2026-04-02T12:55:00Z

value	0.00488
scoring_system	epss
scoring_elements	0.65466
published_at	2026-04-04T12:55:00Z

value	0.00488
scoring_system	epss
scoring_elements	0.6543
published_at	2026-04-07T12:55:00Z

value	0.00488
scoring_system	epss
scoring_elements	0.65483
published_at	2026-04-08T12:55:00Z

value	0.00488
scoring_system	epss
scoring_elements	0.65495
published_at	2026-04-09T12:55:00Z

value	0.00488
scoring_system	epss
scoring_elements	0.65513
published_at	2026-04-11T12:55:00Z

value	0.00488
scoring_system	epss
scoring_elements	0.655
published_at	2026-04-12T12:55:00Z

value	0.00488
scoring_system	epss
scoring_elements	0.65472
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-23225

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23225
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23225

fixed_packages

url pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

purl pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.2%252Bds1-2%252Bdeb10u4

aliases CVE-2021-23225

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-86gq-jsgy-8uep

url VCID-88mp-1anp-m3g5

vulnerability_id VCID-88mp-1anp-m3g5

summary

Multiple vulnerabilities have been found in Cacti, allowing
    attackers to execute arbitrary code or perform XSS attacks.

references

reference_url	http://cacti.net/release_notes_0_8_7g.php
reference_id
reference_type
scores
url	http://cacti.net/release_notes_0_8_7g.php

reference_url	http://marc.info/?l=oss-security&m=127978954522586&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=oss-security&m=127978954522586&w=2

reference_url	http://marc.info/?l=oss-security&m=128017203704299&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=oss-security&m=128017203704299&w=2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2545.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2545.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2545

reference_id

reference_type

scores

value	0.01797
scoring_system	epss
scoring_elements	0.82773
published_at	2026-04-13T12:55:00Z

value	0.01797
scoring_system	epss
scoring_elements	0.82707
published_at	2026-04-01T12:55:00Z

value	0.01797
scoring_system	epss
scoring_elements	0.82723
published_at	2026-04-02T12:55:00Z

value	0.01797
scoring_system	epss
scoring_elements	0.82736
published_at	2026-04-04T12:55:00Z

value	0.01797
scoring_system	epss
scoring_elements	0.82733
published_at	2026-04-07T12:55:00Z

value	0.01797
scoring_system	epss
scoring_elements	0.82759
published_at	2026-04-08T12:55:00Z

value	0.01797
scoring_system	epss
scoring_elements	0.82766
published_at	2026-04-09T12:55:00Z

value	0.01797
scoring_system	epss
scoring_elements	0.82783
published_at	2026-04-11T12:55:00Z

value	0.01797
scoring_system	epss
scoring_elements	0.82777
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2545

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2545
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2545

reference_url	http://secunia.com/advisories/41041
reference_id
reference_type
scores
url	http://secunia.com/advisories/41041

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/61227
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/61227

reference_url	https://rhn.redhat.com/errata/RHSA-2010-0635.html
reference_id
reference_type
scores
url	https://rhn.redhat.com/errata/RHSA-2010-0635.html

reference_url	http://svn.cacti.net/viewvc?view=rev&revision=6037
reference_id
reference_type
scores
url	http://svn.cacti.net/viewvc?view=rev&revision=6037

reference_url	http://svn.cacti.net/viewvc?view=rev&revision=6038
reference_id
reference_type
scores
url	http://svn.cacti.net/viewvc?view=rev&revision=6038

reference_url	http://svn.cacti.net/viewvc?view=rev&revision=6041
reference_id
reference_type
scores
url	http://svn.cacti.net/viewvc?view=rev&revision=6041

reference_url	http://svn.cacti.net/viewvc?view=rev&revision=6042
reference_id
reference_type
scores
url	http://svn.cacti.net/viewvc?view=rev&revision=6042

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:160
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:160

reference_url	http://www.securityfocus.com/bid/42575
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/42575

reference_url	http://www.vupen.com/english/advisories/2010/2132
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/2132

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=459229
reference_id	459229
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=459229

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.5:-::::::
reference_id	cpe:2.3:a:cacti:cacti:0.5:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.5:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.1:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.2:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.3:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.4:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.5:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.7:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.8a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.1:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.2a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.3a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.4:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.5a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6c:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6d:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6d:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6d:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6f:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6f:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6f:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6g:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6g:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6g:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6h:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6h:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6h:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6i:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6i:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6i:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6j:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6j:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6j:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6k:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6k:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6k:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7d:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7e:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7e:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7e:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-2545

reference_id

CVE-2010-2545

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2010-2545

reference_url	https://security.gentoo.org/glsa/201401-20
reference_id	GLSA-201401-20
reference_type
scores
url	https://security.gentoo.org/glsa/201401-20

fixed_packages

url pkg:deb/debian/cacti@0.8.7g-1%2Bsqueeze3

purl pkg:deb/debian/cacti@0.8.7g-1%2Bsqueeze3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-4ytj-s8hh-6bd5

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-ddq2-myvr-wfgz

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-jmv3-vh81-zfdq

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-p2u2-5yuu-jydy

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

100

vulnerability	VCID-ya95-dsw9-pfhw

101

vulnerability	VCID-ybx7-gpq4-33ha

102

vulnerability	VCID-yjny-ubdp-7few

103

vulnerability	VCID-ypan-57sx-vyam

104

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.7g-1%252Bsqueeze3

aliases CVE-2010-2545

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-88mp-1anp-m3g5

url VCID-89pf-69jk-syfk

vulnerability_id VCID-89pf-69jk-syfk

summary A cross-site scripting (XSS) vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20724

reference_id

reference_type

scores

value	0.00583
scoring_system	epss
scoring_elements	0.68964
published_at	2026-04-13T12:55:00Z

value	0.00583
scoring_system	epss
scoring_elements	0.68994
published_at	2026-04-12T12:55:00Z

value	0.00583
scoring_system	epss
scoring_elements	0.68899
published_at	2026-04-01T12:55:00Z

value	0.00583
scoring_system	epss
scoring_elements	0.68916
published_at	2026-04-07T12:55:00Z

value	0.00583
scoring_system	epss
scoring_elements	0.68937
published_at	2026-04-04T12:55:00Z

value	0.00583
scoring_system	epss
scoring_elements	0.68967
published_at	2026-04-08T12:55:00Z

value	0.00583
scoring_system	epss
scoring_elements	0.68985
published_at	2026-04-09T12:55:00Z

value	0.00583
scoring_system	epss
scoring_elements	0.69008
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20724

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20724
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20724

reference_url	https://github.com/Cacti/cacti/blob/develop/CHANGELOG
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/blob/develop/CHANGELOG

reference_url	https://github.com/Cacti/cacti/commit/1f42478506d83d188f68ce5ff41728a7bd159f53
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/commit/1f42478506d83d188f68ce5ff41728a7bd159f53

reference_url	https://github.com/Cacti/cacti/issues/2212
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/issues/2212

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-20724

reference_id

CVE-2018-20724

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:N/I:P/A:N

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-20724

fixed_packages

url pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

purl pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.2%252Bds1-2%252Bdeb10u4

aliases CVE-2018-20724

risk_score 2.1

exploitability 0.5

weighted_severity 4.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-89pf-69jk-syfk

url VCID-8j9j-nau8-a7cd

vulnerability_id VCID-8j9j-nau8-a7cd

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-2708

reference_id

reference_type

scores

value	0.01497
scoring_system	epss
scoring_elements	0.8105
published_at	2026-04-01T12:55:00Z

value	0.01497
scoring_system	epss
scoring_elements	0.81059
published_at	2026-04-02T12:55:00Z

value	0.01497
scoring_system	epss
scoring_elements	0.81083
published_at	2026-04-07T12:55:00Z

value	0.01497
scoring_system	epss
scoring_elements	0.8111
published_at	2026-04-08T12:55:00Z

value	0.01497
scoring_system	epss
scoring_elements	0.81116
published_at	2026-04-09T12:55:00Z

value	0.01497
scoring_system	epss
scoring_elements	0.81134
published_at	2026-04-11T12:55:00Z

value	0.01497
scoring_system	epss
scoring_elements	0.8112
published_at	2026-04-12T12:55:00Z

value	0.01497
scoring_system	epss
scoring_elements	0.81114
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-2708

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2327
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2327

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4002

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743565
reference_id	743565
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743565

reference_url	https://security.gentoo.org/glsa/201509-03
reference_id	GLSA-201509-03
reference_type
scores
url	https://security.gentoo.org/glsa/201509-03

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8

aliases CVE-2014-2708

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8j9j-nau8-a7cd

url VCID-8nbc-ethb-6kcn

vulnerability_id VCID-8nbc-ethb-6kcn

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17358

reference_id

reference_type

scores

value	0.02298
scoring_system	epss
scoring_elements	0.84657
published_at	2026-04-01T12:55:00Z

value	0.02298
scoring_system	epss
scoring_elements	0.84671
published_at	2026-04-02T12:55:00Z

value	0.02298
scoring_system	epss
scoring_elements	0.84692
published_at	2026-04-04T12:55:00Z

value	0.02298
scoring_system	epss
scoring_elements	0.84694
published_at	2026-04-07T12:55:00Z

value	0.02298
scoring_system	epss
scoring_elements	0.84716
published_at	2026-04-08T12:55:00Z

value	0.02298
scoring_system	epss
scoring_elements	0.84723
published_at	2026-04-09T12:55:00Z

value	0.02298
scoring_system	epss
scoring_elements	0.84741
published_at	2026-04-11T12:55:00Z

value	0.02298
scoring_system	epss
scoring_elements	0.84736
published_at	2026-04-12T12:55:00Z

value	0.02298
scoring_system	epss
scoring_elements	0.8473
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17358

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17358
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17358

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947375
reference_id	947375
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947375

reference_url	https://security.gentoo.org/glsa/202003-40
reference_id	GLSA-202003-40
reference_type
scores
url	https://security.gentoo.org/glsa/202003-40

fixed_packages

url pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

purl pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8h%252Bds1-10%252Bdeb9u1

url pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

purl pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.2%252Bds1-2%252Bdeb10u4

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2019-17358

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8nbc-ethb-6kcn

url VCID-8pnc-kuf5-jqda

vulnerability_id VCID-8pnc-kuf5-jqda

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://bugs.cacti.net/view.php?id=2646
reference_id
reference_type
scores
url	http://bugs.cacti.net/view.php?id=2646

reference_url	http://packetstormsecurity.com/files/134724/Cacti-0.8.8f-SQL-Injection.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/134724/Cacti-0.8.8f-SQL-Injection.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8369

reference_id

reference_type

scores

value	0.00495
scoring_system	epss
scoring_elements	0.65773
published_at	2026-04-13T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65689
published_at	2026-04-01T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65738
published_at	2026-04-02T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65768
published_at	2026-04-04T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65733
published_at	2026-04-07T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65786
published_at	2026-04-08T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65797
published_at	2026-04-09T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65817
published_at	2026-04-11T12:55:00Z

value	0.00495
scoring_system	epss
scoring_elements	0.65803
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8369

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8369
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8369

reference_url	http://seclists.org/fulldisclosure/2015/Dec/8
reference_id
reference_type
scores
url	http://seclists.org/fulldisclosure/2015/Dec/8

reference_url	http://www.debian.org/security/2015/dsa-3423
reference_id
reference_type
scores
url	http://www.debian.org/security/2015/dsa-3423

reference_url	http://www.securitytracker.com/id/1034497
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034497

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807599
reference_id	807599
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807599

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-8369

reference_id

CVE-2015-8369

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2015-8369

reference_url	https://security.gentoo.org/glsa/201607-05
reference_id	GLSA-201607-05
reference_type
scores
url	https://security.gentoo.org/glsa/201607-05

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8%2Bdeb8u6

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8%2Bdeb8u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8%252Bdeb8u6

url pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

purl pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8h%252Bds1-10%252Bdeb9u1

aliases CVE-2015-8369

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8pnc-kuf5-jqda

url VCID-9fdf-h49c-5qcj

vulnerability_id VCID-9fdf-h49c-5qcj

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://bugs.cacti.net/view.php?id=2656
reference_id
reference_type
scores
url	http://bugs.cacti.net/view.php?id=2656

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00077.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00077.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00078.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00078.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00080.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00080.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2313

reference_id

reference_type

scores

value	0.01075
scoring_system	epss
scoring_elements	0.77789
published_at	2026-04-13T12:55:00Z

value	0.01075
scoring_system	epss
scoring_elements	0.7779
published_at	2026-04-12T12:55:00Z

value	0.01075
scoring_system	epss
scoring_elements	0.77729
published_at	2026-04-01T12:55:00Z

value	0.01075
scoring_system	epss
scoring_elements	0.77736
published_at	2026-04-02T12:55:00Z

value	0.01075
scoring_system	epss
scoring_elements	0.77762
published_at	2026-04-04T12:55:00Z

value	0.01075
scoring_system	epss
scoring_elements	0.77746
published_at	2026-04-07T12:55:00Z

value	0.01075
scoring_system	epss
scoring_elements	0.77774
published_at	2026-04-08T12:55:00Z

value	0.01075
scoring_system	epss
scoring_elements	0.77779
published_at	2026-04-09T12:55:00Z

value	0.01075
scoring_system	epss
scoring_elements	0.77806
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2313

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2313
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2313

reference_url	http://www.cacti.net/release_notes_0_8_8g.php
reference_id
reference_type
scores
url	http://www.cacti.net/release_notes_0_8_8g.php

reference_url	http://www.securitytracker.com/id/1037745
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037745

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=814353
reference_id	814353
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=814353

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2313

reference_id

CVE-2016-2313

reference_type

scores

value	6.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2313

reference_url	https://security.gentoo.org/glsa/201607-05
reference_id	GLSA-201607-05
reference_type
scores
url	https://security.gentoo.org/glsa/201607-05

reference_url	https://security.gentoo.org/glsa/201711-10
reference_id	GLSA-201711-10
reference_type
scores
url	https://security.gentoo.org/glsa/201711-10

fixed_packages

url pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

purl pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8h%252Bds1-10%252Bdeb9u1

aliases CVE-2016-2313

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9fdf-h49c-5qcj

url VCID-9snd-k1cz-gyb5

vulnerability_id VCID-9snd-k1cz-gyb5

summary include/global_session.php in Cacti 1.1.25 has XSS related to (1) the URI or (2) the refresh page.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15194

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50291
published_at	2026-04-12T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50279
published_at	2026-04-13T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50317
published_at	2026-04-11T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54261
published_at	2026-04-01T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54338
published_at	2026-04-08T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54334
published_at	2026-04-09T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54286
published_at	2026-04-07T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54281
published_at	2026-04-02T12:55:00Z

value	0.00312
scoring_system	epss
scoring_elements	0.54311
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15194

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15194
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15194

reference_url	https://github.com/Cacti/cacti/commit/93f661d8adcfa6618b11522cdab30e97bada33fd
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/commit/93f661d8adcfa6618b11522cdab30e97bada33fd

reference_url	https://github.com/Cacti/cacti/issues/1010
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/issues/1010

reference_url	http://www.securitytracker.com/id/1039569
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039569

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878304
reference_id	878304
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878304

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.25:::::::*
reference_id	cpe:2.3:a:cacti:cacti:1.1.25:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.25:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-15194

reference_id

CVE-2017-15194

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-15194

fixed_packages

url pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

purl pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.2%252Bds1-2%252Bdeb10u4

aliases CVE-2017-15194

risk_score 2.8

exploitability 0.5

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9snd-k1cz-gyb5

url VCID-9swv-zvke-ubet

vulnerability_id VCID-9swv-zvke-ubet

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could result in the arbitrary execution of code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8813

reference_id

reference_type

scores

value	0.93926
scoring_system	epss
scoring_elements	0.99879
published_at	2026-04-11T12:55:00Z

value	0.93926
scoring_system	epss
scoring_elements	0.9988
published_at	2026-04-13T12:55:00Z

value	0.94091
scoring_system	epss
scoring_elements	0.99904
published_at	2026-04-01T12:55:00Z

value	0.94091
scoring_system	epss
scoring_elements	0.99905
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8813

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8813
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8813

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951832
reference_id	951832
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951832

reference_url	https://github.com/mhaskar/CVE-2020-8813/blob/4877c2b2f378ce5937f56b259b69b02840514d4c/Cacti-postauth-rce.py
reference_id	CVE-2020-8813
reference_type	exploit
scores
url	https://github.com/mhaskar/CVE-2020-8813/blob/4877c2b2f378ce5937f56b259b69b02840514d4c/Cacti-postauth-rce.py

reference_url	https://github.com/mhaskar/CVE-2020-8813/blob/dfb48378f39249ff54ecf24ccd3b89db26971ccf/Cacti-preauth-rce.py
reference_id	CVE-2020-8813
reference_type	exploit
scores
url	https://github.com/mhaskar/CVE-2020-8813/blob/dfb48378f39249ff54ecf24ccd3b89db26971ccf/Cacti-preauth-rce.py

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/48144.py
reference_id	CVE-2020-8813
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/48144.py

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/48145.py
reference_id	CVE-2020-8813
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/48145.py

reference_url	https://security.gentoo.org/glsa/202004-16
reference_id	GLSA-202004-16
reference_type
scores
url	https://security.gentoo.org/glsa/202004-16

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2020-8813

risk_score 1.6

exploitability 2.0

weighted_severity 0.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9swv-zvke-ubet

url VCID-9vce-mkth-v3gn

vulnerability_id VCID-9vce-mkth-v3gn

summary Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Cacti before 1.1.16 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancel_url variable. NOTE: this vulnerability exists because of an incomplete fix (lack of the htmlspecialchars ENT_QUOTES flag) for CVE-2017-11163.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-12066

reference_id

reference_type

scores

value	0.0024
scoring_system	epss
scoring_elements	0.4723
published_at	2026-04-01T12:55:00Z

value	0.0024
scoring_system	epss
scoring_elements	0.47267
published_at	2026-04-02T12:55:00Z

value	0.0024
scoring_system	epss
scoring_elements	0.47286
published_at	2026-04-04T12:55:00Z

value	0.0024
scoring_system	epss
scoring_elements	0.47233
published_at	2026-04-07T12:55:00Z

value	0.0024
scoring_system	epss
scoring_elements	0.47288
published_at	2026-04-08T12:55:00Z

value	0.0024
scoring_system	epss
scoring_elements	0.47284
published_at	2026-04-09T12:55:00Z

value	0.0024
scoring_system	epss
scoring_elements	0.47308
published_at	2026-04-11T12:55:00Z

value	0.0024
scoring_system	epss
scoring_elements	0.47282
published_at	2026-04-12T12:55:00Z

value	0.0024
scoring_system	epss
scoring_elements	0.47289
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-12066

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12066
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12066

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870354
reference_id	870354
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870354

fixed_packages

url pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

purl pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.2%252Bds1-2%252Bdeb10u4

aliases CVE-2017-12066

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9vce-mkth-v3gn

url VCID-a8j1-24bw-gudu

vulnerability_id VCID-a8j1-24bw-gudu

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-39364

reference_id

reference_type

scores

value	0.00166
scoring_system	epss
scoring_elements	0.3773
published_at	2026-04-02T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37755
published_at	2026-04-04T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37633
published_at	2026-04-07T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37684
published_at	2026-04-08T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37697
published_at	2026-04-09T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37711
published_at	2026-04-11T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37676
published_at	2026-04-12T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37648
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-39364

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2023-39364

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a8j1-24bw-gudu

url VCID-aajr-s1n1-4ybu

vulnerability_id VCID-aajr-s1n1-4ybu

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-12065

reference_id

reference_type

scores

value	0.03102
scoring_system	epss
scoring_elements	0.86807
published_at	2026-04-13T12:55:00Z

value	0.03102
scoring_system	epss
scoring_elements	0.86816
published_at	2026-04-11T12:55:00Z

value	0.03102
scoring_system	epss
scoring_elements	0.86812
published_at	2026-04-12T12:55:00Z

value	0.03102
scoring_system	epss
scoring_elements	0.86776
published_at	2026-04-04T12:55:00Z

value	0.03102
scoring_system	epss
scoring_elements	0.86774
published_at	2026-04-07T12:55:00Z

value	0.03102
scoring_system	epss
scoring_elements	0.86793
published_at	2026-04-08T12:55:00Z

value	0.03102
scoring_system	epss
scoring_elements	0.86802
published_at	2026-04-09T12:55:00Z

value	0.03315
scoring_system	epss
scoring_elements	0.87218
published_at	2026-04-02T12:55:00Z

value	0.03315
scoring_system	epss
scoring_elements	0.87208
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-12065

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12065
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12065

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870353
reference_id	870353
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870353

reference_url	https://security.gentoo.org/glsa/201711-10
reference_id	GLSA-201711-10
reference_type
scores
url	https://security.gentoo.org/glsa/201711-10

fixed_packages

url pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

purl pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.2%252Bds1-2%252Bdeb10u4

aliases CVE-2017-12065

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aajr-s1n1-4ybu

url VCID-afss-mcgj-7bce

vulnerability_id VCID-afss-mcgj-7bce

summary Cross-site scripting (XSS) vulnerability in auth_profile.php in Cacti 1.1.13 allows remote attackers to inject arbitrary web script or HTML via specially crafted HTTP Referer headers.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-11691

reference_id

reference_type

scores

value	0.00506
scoring_system	epss
scoring_elements	0.66228
published_at	2026-04-13T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66154
published_at	2026-04-01T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66195
published_at	2026-04-02T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66222
published_at	2026-04-04T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66191
published_at	2026-04-07T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66239
published_at	2026-04-08T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66252
published_at	2026-04-09T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66272
published_at	2026-04-11T12:55:00Z

value	0.00506
scoring_system	epss
scoring_elements	0.66259
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-11691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11691

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869848
reference_id	869848
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869848

reference_url	https://security.archlinux.org/ASA-201707-30
reference_id	ASA-201707-30
reference_type
scores
url	https://security.archlinux.org/ASA-201707-30

reference_url

https://security.archlinux.org/AVG-365

reference_id

AVG-365

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-365

fixed_packages

url pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

purl pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.2%252Bds1-2%252Bdeb10u4

aliases CVE-2017-11691

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-afss-mcgj-7bce

url VCID-akj7-kh8f-97ct

vulnerability_id VCID-akj7-kh8f-97ct

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49088

reference_id

reference_type

scores

value	0.0102
scoring_system	epss
scoring_elements	0.77167
published_at	2026-04-02T12:55:00Z

value	0.0102
scoring_system	epss
scoring_elements	0.77196
published_at	2026-04-04T12:55:00Z

value	0.0102
scoring_system	epss
scoring_elements	0.77177
published_at	2026-04-07T12:55:00Z

value	0.0102
scoring_system	epss
scoring_elements	0.7721
published_at	2026-04-08T12:55:00Z

value	0.0102
scoring_system	epss
scoring_elements	0.77218
published_at	2026-04-09T12:55:00Z

value	0.0102
scoring_system	epss
scoring_elements	0.77246
published_at	2026-04-11T12:55:00Z

value	0.0102
scoring_system	epss
scoring_elements	0.77225
published_at	2026-04-12T12:55:00Z

value	0.0102
scoring_system	epss
scoring_elements	0.77221
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49088

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088

reference_url

https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php

reference_id

data_debug.php

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-26T04:00:42Z/

url

https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h

reference_id

GHSA-hrg9-qqqx-wc4h

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-26T04:00:42Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x

reference_id

GHSA-q7g7-gcf6-wh4x

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-26T04:00:42Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html

reference_id

msg00018.html

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-26T04:00:42Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/

reference_id

RBEOAFKRARQHTDIYSL723XAFJ2Q6624X

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-26T04:00:42Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2023-49088

risk_score 2.8

exploitability 0.5

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-akj7-kh8f-97ct

url VCID-ante-y18a-yyg7

vulnerability_id VCID-ante-y18a-yyg7

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4454

reference_id

reference_type

scores

value	0.00644
scoring_system	epss
scoring_elements	0.70575
published_at	2026-04-01T12:55:00Z

value	0.00644
scoring_system	epss
scoring_elements	0.70589
published_at	2026-04-02T12:55:00Z

value	0.00644
scoring_system	epss
scoring_elements	0.70605
published_at	2026-04-04T12:55:00Z

value	0.00644
scoring_system	epss
scoring_elements	0.70583
published_at	2026-04-07T12:55:00Z

value	0.00644
scoring_system	epss
scoring_elements	0.70629
published_at	2026-04-08T12:55:00Z

value	0.00644
scoring_system	epss
scoring_elements	0.70645
published_at	2026-04-09T12:55:00Z

value	0.00644
scoring_system	epss
scoring_elements	0.70667
published_at	2026-04-11T12:55:00Z

value	0.00644
scoring_system	epss
scoring_elements	0.70653
published_at	2026-04-12T12:55:00Z

value	0.00644
scoring_system	epss
scoring_elements	0.70638
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4454

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2665
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2665

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2967
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2967

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4342
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4342

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4454
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4454

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8%2Bdeb8u6

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8%2Bdeb8u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8%252Bdeb8u6

url pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

purl pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8h%252Bds1-10%252Bdeb9u1

aliases CVE-2015-4454

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ante-y18a-yyg7

url VCID-atbu-eegm-3ufy

vulnerability_id VCID-atbu-eegm-3ufy

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-2326

reference_id

reference_type

scores

value	0.01268
scoring_system	epss
scoring_elements	0.79418
published_at	2026-04-01T12:55:00Z

value	0.01268
scoring_system	epss
scoring_elements	0.79425
published_at	2026-04-02T12:55:00Z

value	0.01268
scoring_system	epss
scoring_elements	0.79448
published_at	2026-04-04T12:55:00Z

value	0.01268
scoring_system	epss
scoring_elements	0.79434
published_at	2026-04-07T12:55:00Z

value	0.01268
scoring_system	epss
scoring_elements	0.79463
published_at	2026-04-08T12:55:00Z

value	0.01268
scoring_system	epss
scoring_elements	0.79473
published_at	2026-04-09T12:55:00Z

value	0.01268
scoring_system	epss
scoring_elements	0.79495
published_at	2026-04-11T12:55:00Z

value	0.01268
scoring_system	epss
scoring_elements	0.79478
published_at	2026-04-12T12:55:00Z

value	0.01268
scoring_system	epss
scoring_elements	0.79468
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-2326

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2327
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2327

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4002

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768
reference_id	742768
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768

reference_url	https://security.gentoo.org/glsa/201509-03
reference_id	GLSA-201509-03
reference_type
scores
url	https://security.gentoo.org/glsa/201509-03

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8

aliases CVE-2014-2326

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-atbu-eegm-3ufy

url VCID-ay5a-nkmf-5yar

vulnerability_id VCID-ay5a-nkmf-5yar

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49086

reference_id

reference_type

scores

value	0.00949
scoring_system	epss
scoring_elements	0.76305
published_at	2026-04-02T12:55:00Z

value	0.00949
scoring_system	epss
scoring_elements	0.76335
published_at	2026-04-04T12:55:00Z

value	0.00949
scoring_system	epss
scoring_elements	0.76314
published_at	2026-04-07T12:55:00Z

value	0.00949
scoring_system	epss
scoring_elements	0.76347
published_at	2026-04-08T12:55:00Z

value	0.00949
scoring_system	epss
scoring_elements	0.76361
published_at	2026-04-09T12:55:00Z

value	0.00949
scoring_system	epss
scoring_elements	0.76387
published_at	2026-04-11T12:55:00Z

value	0.00949
scoring_system	epss
scoring_elements	0.76365
published_at	2026-04-12T12:55:00Z

value	0.00949
scoring_system	epss
scoring_elements	0.7636
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49086

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059254
reference_id	1059254
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059254

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2023-49086

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ay5a-nkmf-5yar

url VCID-b8nc-qman-zkcd

vulnerability_id VCID-b8nc-qman-zkcd

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-5261

reference_id

reference_type

scores

value	0.01337
scoring_system	epss
scoring_elements	0.79994
published_at	2026-04-13T12:55:00Z

value	0.01337
scoring_system	epss
scoring_elements	0.79944
published_at	2026-04-01T12:55:00Z

value	0.01337
scoring_system	epss
scoring_elements	0.79951
published_at	2026-04-02T12:55:00Z

value	0.01337
scoring_system	epss
scoring_elements	0.79972
published_at	2026-04-04T12:55:00Z

value	0.01337
scoring_system	epss
scoring_elements	0.7996
published_at	2026-04-07T12:55:00Z

value	0.01337
scoring_system	epss
scoring_elements	0.79988
published_at	2026-04-08T12:55:00Z

value	0.01337
scoring_system	epss
scoring_elements	0.79997
published_at	2026-04-09T12:55:00Z

value	0.01337
scoring_system	epss
scoring_elements	0.80018
published_at	2026-04-11T12:55:00Z

value	0.01337
scoring_system	epss
scoring_elements	0.80001
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-5261

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1127165
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1127165

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5025
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5025

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5026
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5026

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5261
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5261

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5262
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5262

reference_url	http://seclists.org/oss-sec/2014/q3/351
reference_id
reference_type
scores
url	http://seclists.org/oss-sec/2014/q3/351

reference_url	http://seclists.org/oss-sec/2014/q3/386
reference_id
reference_type
scores
url	http://seclists.org/oss-sec/2014/q3/386

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/95292
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/95292

reference_url	http://svn.cacti.net/viewvc?view=rev&revision=7454
reference_id
reference_type
scores
url	http://svn.cacti.net/viewvc?view=rev&revision=7454

reference_url	http://www.debian.org/security/2014/dsa-3007
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3007

reference_url	http://www.securityfocus.com/bid/69213
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/69213

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6e:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6e:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6e:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7d:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7e:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7e:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7e:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7f:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7f:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7f:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7g:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7g:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7g:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7i:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7i:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7i:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.8:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.8a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.8a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.8a:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-5261

reference_id

CVE-2014-5261

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-5261

reference_url	https://security.gentoo.org/glsa/201607-05
reference_id	GLSA-201607-05
reference_type
scores
url	https://security.gentoo.org/glsa/201607-05

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8

aliases CVE-2014-5261

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b8nc-qman-zkcd

url VCID-be57-gxmc-vqd4

vulnerability_id VCID-be57-gxmc-vqd4

summary Cacti is an open source performance and fault management framework. The `fileurl` parameter is not properly sanitized when saving external links in `links.php` . Morever, the said fileurl is placed in some html code which is passed to the `print` function in `link.php` and `index.php`, finally leading to stored XSS. Users with the privilege to create external links can manipulate the `fileurl` parameter in the http post request while creating external links to perform stored XSS attacks. The vulnerability known as XSS (Cross-Site Scripting) occurs when an application allows untrusted user input to be displayed on a web page without proper validation or escaping. This issue has been addressed in release version 1.2.28. All users are advised to upgrade. There are no known workarounds for this issue.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-43362

reference_id

reference_type

scores

value	0.05453
scoring_system	epss
scoring_elements	0.90185
published_at	2026-04-13T12:55:00Z

value	0.05453
scoring_system	epss
scoring_elements	0.90183
published_at	2026-04-09T12:55:00Z

value	0.05453
scoring_system	epss
scoring_elements	0.90192
published_at	2026-04-11T12:55:00Z

value	0.05453
scoring_system	epss
scoring_elements	0.90191
published_at	2026-04-12T12:55:00Z

value	0.05453
scoring_system	epss
scoring_elements	0.90156
published_at	2026-04-04T12:55:00Z

value	0.05453
scoring_system	epss
scoring_elements	0.90162
published_at	2026-04-07T12:55:00Z

value	0.05453
scoring_system	epss
scoring_elements	0.90177
published_at	2026-04-08T12:55:00Z

value	0.07763
scoring_system	epss
scoring_elements	0.91918
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-43362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43362

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-wh9c-v56x-v77c

reference_id

GHSA-wh9c-v56x-v77c

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-08T13:07:47Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-wh9c-v56x-v77c

fixed_packages

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5

aliases CVE-2024-43362

risk_score 3.3

exploitability 0.5

weighted_severity 6.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-be57-gxmc-vqd4

url VCID-bj2d-v5dw-ykc7

vulnerability_id VCID-bj2d-v5dw-ykc7

summary Cacti: Privilege escalation under certain conditions

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4112.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4112.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-4112

reference_id

reference_type

scores

value	0.07985
scoring_system	epss
scoring_elements	0.9205
published_at	2026-04-01T12:55:00Z

value	0.07985
scoring_system	epss
scoring_elements	0.92056
published_at	2026-04-02T12:55:00Z

value	0.07985
scoring_system	epss
scoring_elements	0.92064
published_at	2026-04-04T12:55:00Z

value	0.07985
scoring_system	epss
scoring_elements	0.92068
published_at	2026-04-07T12:55:00Z

value	0.07985
scoring_system	epss
scoring_elements	0.9208
published_at	2026-04-08T12:55:00Z

value	0.07985
scoring_system	epss
scoring_elements	0.92084
published_at	2026-04-09T12:55:00Z

value	0.07985
scoring_system	epss
scoring_elements	0.92088
published_at	2026-04-12T12:55:00Z

value	0.07985
scoring_system	epss
scoring_elements	0.92083
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-4112

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4112

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=542985
reference_id	542985
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=542985

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=561339
reference_id	561339
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=561339

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/33377.txt
reference_id	CVE-2009-4112;OSVDB-60653
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/33377.txt

reference_url	https://www.securityfocus.com/bid/37145/info
reference_id	CVE-2009-4112;OSVDB-60653
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/37145/info

fixed_packages

url pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

purl pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.2%252Bds1-2%252Bdeb10u4

aliases CVE-2009-4112

risk_score 0.2

exploitability 2.0

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bj2d-v5dw-ykc7

url VCID-bwzz-1txv-3kam

vulnerability_id VCID-bwzz-1txv-3kam

summary Cross-Site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the parent_id parameter to tree.php and drp_action parameter to data_sources.php.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000032

reference_id

reference_type

scores

value	0.00196
scoring_system	epss
scoring_elements	0.41457
published_at	2026-04-01T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41546
published_at	2026-04-02T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41575
published_at	2026-04-04T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41501
published_at	2026-04-07T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41551
published_at	2026-04-08T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41559
published_at	2026-04-09T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.4158
published_at	2026-04-11T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41547
published_at	2026-04-12T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41533
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000032

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000032
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000032

fixed_packages

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8

aliases CVE-2017-1000032

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bwzz-1txv-3kam

url VCID-c2b8-ss11-9yhq

vulnerability_id VCID-c2b8-ss11-9yhq

summary Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-39360

reference_id

reference_type

scores

value	0.00629
scoring_system	epss
scoring_elements	0.70215
published_at	2026-04-02T12:55:00Z

value	0.00629
scoring_system	epss
scoring_elements	0.70232
published_at	2026-04-04T12:55:00Z

value	0.00629
scoring_system	epss
scoring_elements	0.70209
published_at	2026-04-07T12:55:00Z

value	0.00629
scoring_system	epss
scoring_elements	0.70255
published_at	2026-04-08T12:55:00Z

value	0.00629
scoring_system	epss
scoring_elements	0.7027
published_at	2026-04-09T12:55:00Z

value	0.00629
scoring_system	epss
scoring_elements	0.70294
published_at	2026-04-11T12:55:00Z

value	0.00629
scoring_system	epss
scoring_elements	0.70279
published_at	2026-04-12T12:55:00Z

value	0.00629
scoring_system	epss
scoring_elements	0.70267
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-39360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088

reference_url	https://security.gentoo.org/glsa/202412-02
reference_id	GLSA-202412-02
reference_type
scores
url	https://security.gentoo.org/glsa/202412-02

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2023-39360

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c2b8-ss11-9yhq

url VCID-c4w5-q88d-z3hg

vulnerability_id VCID-c4w5-q88d-z3hg

summary Cacti before 1.1.37 has XSS because the get_current_page function in lib/functions.php relies on $_SERVER['PHP_SELF'] instead of $_SERVER['SCRIPT_NAME'] to determine a page name.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-10059

reference_id

reference_type

scores

value	0.00287
scoring_system	epss
scoring_elements	0.52027
published_at	2026-04-01T12:55:00Z

value	0.00287
scoring_system	epss
scoring_elements	0.52075
published_at	2026-04-02T12:55:00Z

value	0.00287
scoring_system	epss
scoring_elements	0.52101
published_at	2026-04-04T12:55:00Z

value	0.00287
scoring_system	epss
scoring_elements	0.52066
published_at	2026-04-07T12:55:00Z

value	0.00287
scoring_system	epss
scoring_elements	0.5212
published_at	2026-04-08T12:55:00Z

value	0.00287
scoring_system	epss
scoring_elements	0.52116
published_at	2026-04-09T12:55:00Z

value	0.00287
scoring_system	epss
scoring_elements	0.52167
published_at	2026-04-11T12:55:00Z

value	0.00287
scoring_system	epss
scoring_elements	0.5215
published_at	2026-04-12T12:55:00Z

value	0.00287
scoring_system	epss
scoring_elements	0.52135
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-10059

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10059
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10059

fixed_packages

url pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

purl pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.2%252Bds1-2%252Bdeb10u4

aliases CVE-2018-10059

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c4w5-q88d-z3hg

url VCID-cre7-1uhc-bka2

vulnerability_id VCID-cre7-1uhc-bka2

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-16723

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50274
published_at	2026-04-13T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50286
published_at	2026-04-12T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50221
published_at	2026-04-01T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50261
published_at	2026-04-02T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.5029
published_at	2026-04-04T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50238
published_at	2026-04-07T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50292
published_at	2026-04-08T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50284
published_at	2026-04-09T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50312
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-16723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16723

reference_url	https://github.com/Cacti/cacti/issues/2964
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/issues/2964

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZO3ROHHPKLH2JRW7ES5FYSQTWIPNVLQB/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZO3ROHHPKLH2JRW7ES5FYSQTWIPNVLQB/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZSCUUCKSYVZLN3PQE7NU76AFWUGT3E2D/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZSCUUCKSYVZLN3PQE7NU76AFWUGT3E2D/

reference_url	https://seclists.org/bugtraq/2020/Jan/25
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2020/Jan/25

reference_url	https://www.debian.org/security/2020/dsa-4604
reference_id
reference_type
scores
url	https://www.debian.org/security/2020/dsa-4604

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941036
reference_id	941036
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941036

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-16723

reference_id

CVE-2019-16723

reference_type

scores

value	4.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:N/A:N

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-16723

reference_url	https://security.gentoo.org/glsa/202003-40
reference_id	GLSA-202003-40
reference_type
scores
url	https://security.gentoo.org/glsa/202003-40

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2019-16723

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cre7-1uhc-bka2

url VCID-cv9v-rynk-m7eb

vulnerability_id VCID-cv9v-rynk-m7eb

summary

Multiple vulnerabilities have been found in Cacti, allowing
    attackers to execute arbitrary code or perform XSS attacks.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-1435

reference_id

reference_type

scores

value	0.01044
scoring_system	epss
scoring_elements	0.77417
published_at	2026-04-01T12:55:00Z

value	0.01044
scoring_system	epss
scoring_elements	0.77424
published_at	2026-04-02T12:55:00Z

value	0.01044
scoring_system	epss
scoring_elements	0.77449
published_at	2026-04-04T12:55:00Z

value	0.01044
scoring_system	epss
scoring_elements	0.77429
published_at	2026-04-07T12:55:00Z

value	0.01044
scoring_system	epss
scoring_elements	0.77459
published_at	2026-04-08T12:55:00Z

value	0.01044
scoring_system	epss
scoring_elements	0.77468
published_at	2026-04-09T12:55:00Z

value	0.01044
scoring_system	epss
scoring_elements	0.77494
published_at	2026-04-11T12:55:00Z

value	0.01044
scoring_system	epss
scoring_elements	0.77475
published_at	2026-04-12T12:55:00Z

value	0.01044
scoring_system	epss
scoring_elements	0.77471
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-1435

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1434
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1434

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1435
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1435

reference_url	https://security.gentoo.org/glsa/201401-20
reference_id	GLSA-201401-20
reference_type
scores
url	https://security.gentoo.org/glsa/201401-20

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8

aliases CVE-2013-1435

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cv9v-rynk-m7eb

url VCID-cxs3-zh36-m7en

vulnerability_id VCID-cxs3-zh36-m7en

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-7106

reference_id

reference_type

scores

value	0.04094
scoring_system	epss
scoring_elements	0.88531
published_at	2026-04-01T12:55:00Z

value	0.04094
scoring_system	epss
scoring_elements	0.88539
published_at	2026-04-02T12:55:00Z

value	0.04094
scoring_system	epss
scoring_elements	0.88556
published_at	2026-04-04T12:55:00Z

value	0.04094
scoring_system	epss
scoring_elements	0.88559
published_at	2026-04-07T12:55:00Z

value	0.04094
scoring_system	epss
scoring_elements	0.88577
published_at	2026-04-08T12:55:00Z

value	0.04094
scoring_system	epss
scoring_elements	0.88582
published_at	2026-04-09T12:55:00Z

value	0.04094
scoring_system	epss
scoring_elements	0.88594
published_at	2026-04-11T12:55:00Z

value	0.04094
scoring_system	epss
scoring_elements	0.88586
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-7106

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7106
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7106

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949996
reference_id	949996
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949996

reference_url	https://security.gentoo.org/glsa/202003-40
reference_id	GLSA-202003-40
reference_type
scores
url	https://security.gentoo.org/glsa/202003-40

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2020-7106

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cxs3-zh36-m7en

url VCID-d7db-n89n-qyd8

vulnerability_id VCID-d7db-n89n-qyd8

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49084

reference_id

reference_type

scores

value	0.88341
scoring_system	epss
scoring_elements	0.99488
published_at	2026-04-02T12:55:00Z

value	0.88341
scoring_system	epss
scoring_elements	0.9949
published_at	2026-04-04T12:55:00Z

value	0.88341
scoring_system	epss
scoring_elements	0.99492
published_at	2026-04-07T12:55:00Z

value	0.88341
scoring_system	epss
scoring_elements	0.99493
published_at	2026-04-08T12:55:00Z

value	0.88341
scoring_system	epss
scoring_elements	0.99494
published_at	2026-04-09T12:55:00Z

value	0.88341
scoring_system	epss
scoring_elements	0.99495
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49084

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059254
reference_id	1059254
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059254

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2023-49084

risk_score 1.6

exploitability 2.0

weighted_severity 0.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d7db-n89n-qyd8

url VCID-dbsu-au7h-xbcv

vulnerability_id VCID-dbsu-au7h-xbcv

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to arbitrary code execution.

references

reference_url	http://bugs.cacti.net/view.php?id=2456
reference_id
reference_type
scores
url	http://bugs.cacti.net/view.php?id=2456

reference_url	http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-5025

reference_id

reference_type

scores

value	0.00453
scoring_system	epss
scoring_elements	0.63769
published_at	2026-04-13T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63688
published_at	2026-04-01T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63749
published_at	2026-04-02T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63774
published_at	2026-04-04T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63734
published_at	2026-04-07T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63785
published_at	2026-04-08T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63803
published_at	2026-04-09T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63816
published_at	2026-04-11T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63802
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-5025

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5025
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5025

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5026
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5026

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5261
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5261

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5262
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5262

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/94814
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/94814

reference_url	http://www.debian.org/security/2014/dsa-3007
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3007

reference_url	http://www.openwall.com/lists/oss-security/2014/07/22/9
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/07/22/9

reference_url	http://www.securityfocus.com/bid/68759
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/68759

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.8b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.8b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.8b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-5025

reference_id

CVE-2014-5025

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2014-5025

reference_url	https://security.gentoo.org/glsa/201509-03
reference_id	GLSA-201509-03
reference_type
scores
url	https://security.gentoo.org/glsa/201509-03

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8

aliases CVE-2014-5025

risk_score 1.6

exploitability 0.5

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dbsu-au7h-xbcv

url VCID-dcnt-ev6f-tydd

vulnerability_id VCID-dcnt-ev6f-tydd

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://bugs.cacti.net/view.php?id=2652
reference_id
reference_type
scores
url	http://bugs.cacti.net/view.php?id=2652

reference_url	http://packetstormsecurity.com/files/135191/Cacti-0.8.8f-graphs_new.php-SQL-Injection.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/135191/Cacti-0.8.8f-graphs_new.php-SQL-Injection.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8604

reference_id

reference_type

scores

value	0.00712
scoring_system	epss
scoring_elements	0.72269
published_at	2026-04-13T12:55:00Z

value	0.00712
scoring_system	epss
scoring_elements	0.72282
published_at	2026-04-12T12:55:00Z

value	0.00712
scoring_system	epss
scoring_elements	0.72226
published_at	2026-04-01T12:55:00Z

value	0.00712
scoring_system	epss
scoring_elements	0.72232
published_at	2026-04-02T12:55:00Z

value	0.00712
scoring_system	epss
scoring_elements	0.72251
published_at	2026-04-04T12:55:00Z

value	0.00712
scoring_system	epss
scoring_elements	0.72227
published_at	2026-04-07T12:55:00Z

value	0.00712
scoring_system	epss
scoring_elements	0.72264
published_at	2026-04-08T12:55:00Z

value	0.00712
scoring_system	epss
scoring_elements	0.72276
published_at	2026-04-09T12:55:00Z

value	0.00712
scoring_system	epss
scoring_elements	0.72298
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8604

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8377
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8377

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8604
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8604

reference_url	http://seclists.org/fulldisclosure/2016/Jan/16
reference_id
reference_type
scores
url	http://seclists.org/fulldisclosure/2016/Jan/16

reference_url	http://www.debian.org/security/2016/dsa-3494
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3494

reference_url	http://www.openwall.com/lists/oss-security/2016/01/04/8
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/01/04/8

reference_url	http://www.openwall.com/lists/oss-security/2016/01/04/9
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/01/04/9

reference_url	http://www.securitytracker.com/id/1034573
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034573

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-8604

reference_id

CVE-2015-8604

reference_type

scores

value	6.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2015-8604

reference_url	https://security.gentoo.org/glsa/201607-05
reference_id	GLSA-201607-05
reference_type
scores
url	https://security.gentoo.org/glsa/201607-05

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8%2Bdeb8u6

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8%2Bdeb8u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8%252Bdeb8u6

url pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

purl pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8h%252Bds1-10%252Bdeb9u1

aliases CVE-2015-8604

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dcnt-ev6f-tydd

url VCID-ddq2-myvr-wfgz

vulnerability_id VCID-ddq2-myvr-wfgz

summary Cross-site request forgery (CSRF) vulnerability in logout.php in Cacti before 0.8.7i allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

references

reference_url	http://bugs.cacti.net/view.php?id=2062
reference_id
reference_type
scores
url	http://bugs.cacti.net/view.php?id=2062

reference_url	http://forums.cacti.net/viewtopic.php?f=21&t=44116
reference_id
reference_type
scores
url	http://forums.cacti.net/viewtopic.php?f=21&t=44116

reference_url	http://forums.cacti.net/viewtopic.php?f=4&t=45871
reference_id
reference_type
scores
url	http://forums.cacti.net/viewtopic.php?f=4&t=45871

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-5223

reference_id

reference_type

scores

value	0.00453
scoring_system	epss
scoring_elements	0.63749
published_at	2026-04-13T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.6367
published_at	2026-04-01T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.6373
published_at	2026-04-02T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63755
published_at	2026-04-04T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63715
published_at	2026-04-07T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63767
published_at	2026-04-08T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63784
published_at	2026-04-09T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63797
published_at	2026-04-11T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63782
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-5223

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5223
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5223

reference_url	http://secunia.com/advisories/47195
reference_id
reference_type
scores
url	http://secunia.com/advisories/47195

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/71792
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/71792

reference_url	http://www.securityfocus.com/bid/51048
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/51048

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.5:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.1:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.2:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.3:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.4:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.5:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.7:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.8a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.1:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.3a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.4:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.5a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6c:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6d:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6d:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6d:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6f:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6f:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6f:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6g:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6g:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6g:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6h:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6h:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6h:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6i:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6i:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6i:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6j:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6j:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6j:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6k:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6k:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6k:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7d:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7e:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7e:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7e:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7f:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7f:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7f:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7g:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7g:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7g:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-5223

reference_id

CVE-2011-5223

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2011-5223

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

aliases CVE-2011-5223

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ddq2-myvr-wfgz

url VCID-djgb-xu1j-53fb

vulnerability_id VCID-djgb-xu1j-53fb

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to arbitrary code execution.

references

reference_url	http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-4002

reference_id

reference_type

scores

value	0.00431
scoring_system	epss
scoring_elements	0.62601
published_at	2026-04-12T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62471
published_at	2026-04-01T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62529
published_at	2026-04-02T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62562
published_at	2026-04-04T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62528
published_at	2026-04-07T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62578
published_at	2026-04-13T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62594
published_at	2026-04-09T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62612
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-4002

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2327
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2327

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4002

reference_url	http://secunia.com/advisories/59203
reference_id
reference_type
scores
url	http://secunia.com/advisories/59203

reference_url	http://secunia.com/advisories/59517
reference_id
reference_type
scores
url	http://secunia.com/advisories/59517

reference_url	http://svn.cacti.net/viewvc?view=rev&revision=7451
reference_id
reference_type
scores
url	http://svn.cacti.net/viewvc?view=rev&revision=7451

reference_url	http://svn.cacti.net/viewvc?view=rev&revision=7452
reference_id
reference_type
scores
url	http://svn.cacti.net/viewvc?view=rev&revision=7452

reference_url	http://www.debian.org/security/2014/dsa-2970
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-2970

reference_url	http://www.securityfocus.com/bid/68257
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/68257

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752573
reference_id	752573
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752573

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.8b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.8b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.8b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-4002

reference_id

CVE-2014-4002

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2014-4002

reference_url	https://security.gentoo.org/glsa/201509-03
reference_id	GLSA-201509-03
reference_type
scores
url	https://security.gentoo.org/glsa/201509-03

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8

aliases CVE-2014-4002

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-djgb-xu1j-53fb

url VCID-dycc-rydh-kycy

vulnerability_id VCID-dycc-rydh-kycy

summary

Multiple vulnerabilities have been found in Cacti, allowing
    attackers to execute arbitrary code or perform XSS attacks.

references

reference_url	http://php-security.org/2010/05/13/mops-2010-023-cacti-graph-viewer-sql-injection-vulnerability/index.html
reference_id
reference_type
scores
url	http://php-security.org/2010/05/13/mops-2010-023-cacti-graph-viewer-sql-injection-vulnerability/index.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2092.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2092.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2092

reference_id

reference_type

scores

value	0.00139
scoring_system	epss
scoring_elements	0.34082
published_at	2026-04-13T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.33841
published_at	2026-04-01T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34179
published_at	2026-04-02T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34213
published_at	2026-04-04T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34076
published_at	2026-04-07T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34118
published_at	2026-04-08T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34149
published_at	2026-04-09T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34148
published_at	2026-04-11T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34105
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2092

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2092
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2092

reference_url	http://secunia.com/advisories/41041
reference_id
reference_type
scores
url	http://secunia.com/advisories/41041

reference_url	https://rhn.redhat.com/errata/RHSA-2010-0635.html
reference_id
reference_type
scores
url	https://rhn.redhat.com/errata/RHSA-2010-0635.html

reference_url	http://www.cacti.net/changelog.php
reference_id
reference_type
scores
url	http://www.cacti.net/changelog.php

reference_url	http://www.debian.org/security/2010/dsa-2060
reference_id
reference_type
scores
url	http://www.debian.org/security/2010/dsa-2060

reference_url	http://www.vupen.com/english/advisories/2010/2132
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/2132

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=582691
reference_id	582691
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=582691

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=609076
reference_id	609076
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=609076

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.5:-::::::
reference_id	cpe:2.3:a:cacti:cacti:0.5:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.5:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.1:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.2:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.3:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.4:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.5:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.7:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.8a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.1:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.2a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.3a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.4:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.5a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6c:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6d:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6d:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6d:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6f:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6f:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6f:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6g:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6g:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6g:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6h:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6h:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6h:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6i:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6i:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6i:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6j:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6j:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6j:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6k:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6k:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6k:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7d:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-2092

reference_id

CVE-2010-2092

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2010-2092

reference_url	https://security.gentoo.org/glsa/201401-20
reference_id	GLSA-201401-20
reference_type
scores
url	https://security.gentoo.org/glsa/201401-20

fixed_packages

url pkg:deb/debian/cacti@0.8.7g-1%2Bsqueeze3

purl pkg:deb/debian/cacti@0.8.7g-1%2Bsqueeze3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-4ytj-s8hh-6bd5

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-ddq2-myvr-wfgz

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-jmv3-vh81-zfdq

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-p2u2-5yuu-jydy

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

100

vulnerability	VCID-ya95-dsw9-pfhw

101

vulnerability	VCID-ybx7-gpq4-33ha

102

vulnerability	VCID-yjny-ubdp-7few

103

vulnerability	VCID-ypan-57sx-vyam

104

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.7g-1%252Bsqueeze3

aliases CVE-2010-2092

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dycc-rydh-kycy

url VCID-e48s-dv1e-4fgn

vulnerability_id VCID-e48s-dv1e-4fgn

summary In Cacti before 1.2.11, auth_profile.php?action=edit allows CSRF for an admin email change.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-13231

reference_id

reference_type

scores

value	0.00453
scoring_system	epss
scoring_elements	0.63694
published_at	2026-04-01T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63754
published_at	2026-04-02T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.6378
published_at	2026-04-04T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63739
published_at	2026-04-07T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63791
published_at	2026-04-08T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63808
published_at	2026-04-09T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63821
published_at	2026-04-11T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63807
published_at	2026-04-12T12:55:00Z

value	0.00453
scoring_system	epss
scoring_elements	0.63773
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-13231

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13231
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13231

reference_url	https://usn.ubuntu.com/USN-5214-1/
reference_id	USN-USN-5214-1
reference_type
scores
url	https://usn.ubuntu.com/USN-5214-1/

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2020-13231

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e48s-dv1e-4fgn

url VCID-fhtp-y9a5-vqgj

vulnerability_id VCID-fhtp-y9a5-vqgj

summary Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, a SQL injection vulnerability in `automation_get_new_graphs_sql` function of `api_automation.php` allows authenticated users to exploit these SQL injection vulnerabilities to perform privilege escalation and remote code execution. In `api_automation.php` line 856, the `get_request_var('filter')` is being concatenated into the SQL statement without any sanitization. In `api_automation.php` line 717, The filter of `'filter'` is `FILTER_DEFAULT`, which means there is no filter for it. Version 1.2.27 contains a patch for the issue.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-31445

reference_id

reference_type

scores

value	0.39471
scoring_system	epss
scoring_elements	0.97293
published_at	2026-04-09T12:55:00Z

value	0.39471
scoring_system	epss
scoring_elements	0.97298
published_at	2026-04-13T12:55:00Z

value	0.39471
scoring_system	epss
scoring_elements	0.97297
published_at	2026-04-12T12:55:00Z

value	0.39471
scoring_system	epss
scoring_elements	0.97296
published_at	2026-04-11T12:55:00Z

value	0.39471
scoring_system	epss
scoring_elements	0.9728
published_at	2026-04-02T12:55:00Z

value	0.39471
scoring_system	epss
scoring_elements	0.97285
published_at	2026-04-04T12:55:00Z

value	0.39471
scoring_system	epss
scoring_elements	0.97286
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-31445

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31445
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31445

reference_url

https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/lib/api_automation.php#L717

reference_id

api_automation.php#L717

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-05-17T04:00:40Z/

url

https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/lib/api_automation.php#L717

reference_url

https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/lib/api_automation.php#L856

reference_id

api_automation.php#L856

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-05-17T04:00:40Z/

url

https://github.com/Cacti/cacti/blob/501712998589763d411a68d35e3cda98fd9cfd18/lib/api_automation.php#L856

reference_url

https://github.com/Cacti/cacti/commit/fd93c6e47651958b77c3bbe6a01fff695f81e886

reference_id

fd93c6e47651958b77c3bbe6a01fff695f81e886

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-05-17T04:00:40Z/

url

https://github.com/Cacti/cacti/commit/fd93c6e47651958b77c3bbe6a01fff695f81e886

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-vjph-r677-6pcc

reference_id

GHSA-vjph-r677-6pcc

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-05-17T04:00:40Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-vjph-r677-6pcc

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/

reference_id

RBEOAFKRARQHTDIYSL723XAFJ2Q6624X

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-05-17T04:00:40Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/

reference_url	https://usn.ubuntu.com/6969-1/
reference_id	USN-6969-1
reference_type
scores
url	https://usn.ubuntu.com/6969-1/

fixed_packages

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5

aliases CVE-2024-31445

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fhtp-y9a5-vqgj

url VCID-fq36-1r9h-aff2

vulnerability_id VCID-fq36-1r9h-aff2

summary several

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-5589

reference_id

reference_type

scores

value	0.00417
scoring_system	epss
scoring_elements	0.61619
published_at	2026-04-01T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.61694
published_at	2026-04-02T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.61723
published_at	2026-04-04T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.61695
published_at	2026-04-07T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.61743
published_at	2026-04-08T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.61759
published_at	2026-04-09T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.6178
published_at	2026-04-11T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.61768
published_at	2026-04-12T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.61748
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-5589

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5588
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5588

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5589
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5589

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8

aliases CVE-2013-5589

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fq36-1r9h-aff2

url VCID-fwp2-z586-ebbq

vulnerability_id VCID-fwp2-z586-ebbq

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17357

reference_id

reference_type

scores

value	0.16157
scoring_system	epss
scoring_elements	0.94764
published_at	2026-04-01T12:55:00Z

value	0.16157
scoring_system	epss
scoring_elements	0.94774
published_at	2026-04-02T12:55:00Z

value	0.16157
scoring_system	epss
scoring_elements	0.94778
published_at	2026-04-04T12:55:00Z

value	0.16157
scoring_system	epss
scoring_elements	0.94779
published_at	2026-04-07T12:55:00Z

value	0.16157
scoring_system	epss
scoring_elements	0.94788
published_at	2026-04-08T12:55:00Z

value	0.16157
scoring_system	epss
scoring_elements	0.94792
published_at	2026-04-09T12:55:00Z

value	0.16157
scoring_system	epss
scoring_elements	0.94797
published_at	2026-04-11T12:55:00Z

value	0.16157
scoring_system	epss
scoring_elements	0.948
published_at	2026-04-12T12:55:00Z

value	0.16157
scoring_system	epss
scoring_elements	0.94801
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17357

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947374
reference_id	947374
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947374

reference_url	https://security.gentoo.org/glsa/202003-40
reference_id	GLSA-202003-40
reference_type
scores
url	https://security.gentoo.org/glsa/202003-40

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2019-17357

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fwp2-z586-ebbq

url VCID-gdfw-gryt-8qhg

vulnerability_id VCID-gdfw-gryt-8qhg

summary Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 allows remote anonymous users to inject arbitrary web script or HTML via the id parameter, related to the die_html_input_error function in lib/html_validate.php.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-10970

reference_id

reference_type

scores

value	0.00223
scoring_system	epss
scoring_elements	0.4491
published_at	2026-04-01T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44992
published_at	2026-04-02T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.45013
published_at	2026-04-04T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44955
published_at	2026-04-07T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.45007
published_at	2026-04-08T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.45008
published_at	2026-04-09T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.4503
published_at	2026-04-11T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44998
published_at	2026-04-12T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.45
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-10970

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10970
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10970

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867532
reference_id	867532
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867532

fixed_packages

url pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

purl pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.2%252Bds1-2%252Bdeb10u4

aliases CVE-2017-10970

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gdfw-gryt-8qhg

url VCID-gds4-k19q-ryf6

vulnerability_id VCID-gds4-k19q-ryf6

summary Multiple vulnerabilities were discovered in Cacti.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0785.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0785.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-0785

reference_id

reference_type

scores

value	0.02085
scoring_system	epss
scoring_elements	0.83938
published_at	2026-04-01T12:55:00Z

value	0.02085
scoring_system	epss
scoring_elements	0.83953
published_at	2026-04-02T12:55:00Z

value	0.02085
scoring_system	epss
scoring_elements	0.83968
published_at	2026-04-04T12:55:00Z

value	0.02085
scoring_system	epss
scoring_elements	0.83971
published_at	2026-04-07T12:55:00Z

value	0.02085
scoring_system	epss
scoring_elements	0.83994
published_at	2026-04-08T12:55:00Z

value	0.02085
scoring_system	epss
scoring_elements	0.84
published_at	2026-04-09T12:55:00Z

value	0.02085
scoring_system	epss
scoring_elements	0.84016
published_at	2026-04-11T12:55:00Z

value	0.02085
scoring_system	epss
scoring_elements	0.8401
published_at	2026-04-12T12:55:00Z

value	0.02085
scoring_system	epss
scoring_elements	0.84006
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-0785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0785

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=432758
reference_id	432758
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=432758

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530919
reference_id	530919
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530919

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/31156.txt
reference_id	CVE-2008-0785;OSVDB-41739
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/31156.txt

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/31159.txt
reference_id	CVE-2008-0785;OSVDB-41783
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/31159.txt

reference_url	https://www.securityfocus.com/bid/27749/info
reference_id	CVE-2008-0785;OSVDB-41783
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/27749/info

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/31160.txt
reference_id	CVE-2008-0785;OSVDB-41784
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/31160.txt

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/31161.txt
reference_id	CVE-2008-0785;OSVDB-41785
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/31161.txt

reference_url	https://security.gentoo.org/glsa/200803-18
reference_id	GLSA-200803-18
reference_type
scores
url	https://security.gentoo.org/glsa/200803-18

fixed_packages

url pkg:deb/debian/cacti@0.8.7b-2.1%2Blenny5

purl pkg:deb/debian/cacti@0.8.7b-2.1%2Blenny5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-4ytj-s8hh-6bd5

vulnerability	VCID-5dm9-jpwc-gkeu

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6dxh-qpg7-q7g8

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-88mp-1anp-m3g5

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-ddq2-myvr-wfgz

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-dycc-rydh-kycy

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jg8r-f76d-rke1

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-jmv3-vh81-zfdq

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-m6nf-2ppj-4fhg

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-p2u2-5yuu-jydy

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-sdme-n5ez-67fw

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

100

vulnerability	VCID-wrxa-2us4-vkf9

101

vulnerability	VCID-ws4h-295a-9qgx

102

vulnerability	VCID-x1fg-6mq4-d7ds

103

vulnerability	VCID-xbb2-av4z-m3dp

104

vulnerability	VCID-xdbp-7rtr-fyb7

105

vulnerability	VCID-xpvn-y3b8-skgb

106

vulnerability	VCID-y683-kz6e-afhv

107

vulnerability	VCID-y6jw-jm1g-ubgx

108

vulnerability	VCID-ya95-dsw9-pfhw

109

vulnerability	VCID-ybx7-gpq4-33ha

110

vulnerability	VCID-yjny-ubdp-7few

111

vulnerability	VCID-ypan-57sx-vyam

112

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.7b-2.1%252Blenny5

aliases CVE-2008-0785

risk_score null

exploitability 2.0

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gds4-k19q-ryf6

url VCID-h3qa-svy4-1fcr

vulnerability_id VCID-h3qa-svy4-1fcr

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49085

reference_id

reference_type

scores

value	0.91404
scoring_system	epss
scoring_elements	0.99656
published_at	2026-04-02T12:55:00Z

value	0.91404
scoring_system	epss
scoring_elements	0.99658
published_at	2026-04-04T12:55:00Z

value	0.91404
scoring_system	epss
scoring_elements	0.99659
published_at	2026-04-07T12:55:00Z

value	0.91404
scoring_system	epss
scoring_elements	0.9966
published_at	2026-04-09T12:55:00Z

value	0.91404
scoring_system	epss
scoring_elements	0.99661
published_at	2026-04-12T12:55:00Z

value	0.91404
scoring_system	epss
scoring_elements	0.99662
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49085

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2023-49085

risk_score 1.6

exploitability 2.0

weighted_severity 0.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h3qa-svy4-1fcr

url VCID-hb4z-bmkm-akee

vulnerability_id VCID-hb4z-bmkm-akee

summary auth_login.php in Cacti before 1.0.0 allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database, because the guest user is not considered. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-2313.

references

reference_url	http://bugs.cacti.net/view.php?id=2697
reference_id
reference_type
scores
url	http://bugs.cacti.net/view.php?id=2697

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-10700

reference_id

reference_type

scores

value	0.00551
scoring_system	epss
scoring_elements	0.67989
published_at	2026-04-13T12:55:00Z

value	0.00551
scoring_system	epss
scoring_elements	0.68023
published_at	2026-04-12T12:55:00Z

value	0.00551
scoring_system	epss
scoring_elements	0.67928
published_at	2026-04-01T12:55:00Z

value	0.00551
scoring_system	epss
scoring_elements	0.67951
published_at	2026-04-02T12:55:00Z

value	0.00551
scoring_system	epss
scoring_elements	0.6797
published_at	2026-04-04T12:55:00Z

value	0.00551
scoring_system	epss
scoring_elements	0.67949
published_at	2026-04-07T12:55:00Z

value	0.00551
scoring_system	epss
scoring_elements	0.68
published_at	2026-04-08T12:55:00Z

value	0.00551
scoring_system	epss
scoring_elements	0.68013
published_at	2026-04-09T12:55:00Z

value	0.00551
scoring_system	epss
scoring_elements	0.68037
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-10700

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10700
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10700

reference_url	https://github.com/Cacti/cacti/commit/69983495cd41bf0903fe02baeef84b1fa85f2846
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/commit/69983495cd41bf0903fe02baeef84b1fa85f2846

reference_url	https://web.archive.org/web/20160817090458/http://bugs.cacti.net/view.php?id=2697
reference_id
reference_type
scores
url	https://web.archive.org/web/20160817090458/http://bugs.cacti.net/view.php?id=2697

reference_url	http://www.cacti.net/release_notes_1_0_0.php
reference_id
reference_type
scores
url	http://www.cacti.net/release_notes_1_0_0.php

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833420
reference_id	833420
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833420

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-10700

reference_id

CVE-2016-10700

reference_type

scores

value	6.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-10700

fixed_packages

url pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

purl pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8h%252Bds1-10%252Bdeb9u1

aliases CVE-2016-10700

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hb4z-bmkm-akee

url VCID-hj89-pnag-3fer

vulnerability_id VCID-hj89-pnag-3fer

summary Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing php code and repeat the installation process (completing only step 5 of the installation process is enough, no need to complete the steps before or after it) to use a php file as the cacti log file. After having the malicious hostname end up in the logs (log poisoning), one can simply go to the log file url to execute commands to achieve RCE. This issue has been addressed in version 1.2.28 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-43363

reference_id

reference_type

scores

value	0.75133
scoring_system	epss
scoring_elements	0.98876
published_at	2026-04-13T12:55:00Z

value	0.75133
scoring_system	epss
scoring_elements	0.98873
published_at	2026-04-08T12:55:00Z

value	0.75133
scoring_system	epss
scoring_elements	0.98875
published_at	2026-04-11T12:55:00Z

value	0.75133
scoring_system	epss
scoring_elements	0.98868
published_at	2026-04-02T12:55:00Z

value	0.75133
scoring_system	epss
scoring_elements	0.98869
published_at	2026-04-04T12:55:00Z

value	0.75133
scoring_system	epss
scoring_elements	0.98872
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-43363

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43363
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43363

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-gxq4-mv8h-6qj4

reference_id

GHSA-gxq4-mv8h-6qj4

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-08T14:21:20Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-gxq4-mv8h-6qj4

fixed_packages

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5

aliases CVE-2024-43363

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hj89-pnag-3fer

url VCID-huf2-qwju-6bf2

vulnerability_id VCID-huf2-qwju-6bf2

summary Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-39365

reference_id

reference_type

scores

value	0.0017
scoring_system	epss
scoring_elements	0.38327
published_at	2026-04-02T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38352
published_at	2026-04-04T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38217
published_at	2026-04-07T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38267
published_at	2026-04-08T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38275
published_at	2026-04-09T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38294
published_at	2026-04-11T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38258
published_at	2026-04-12T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38234
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-39365

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/

reference_id

CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH

reference_type

scores

value	4.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:26:49Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/

reference_url

reference_id

dsa-5550

reference_type

scores

value	4.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:26:49Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-v5w7-hww7-2f22

reference_url

reference_id

GHSA-v5w7-hww7-2f22

reference_type

scores

value	4.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:26:49Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-v5w7-hww7-2f22

reference_url	https://security.gentoo.org/glsa/202412-02
reference_id	GLSA-202412-02
reference_type
scores
url	https://security.gentoo.org/glsa/202412-02

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html

reference_id

msg00018.html

reference_type

scores

value	4.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:26:49Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/

reference_id

WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH

reference_type

scores

value	4.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:26:49Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/

reference_id

WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN

reference_type

scores

value	4.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:26:49Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2023-39365

risk_score 2.0

exploitability 0.5

weighted_severity 4.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-huf2-qwju-6bf2

url VCID-hwep-pw4e-efh5

vulnerability_id VCID-hwep-pw4e-efh5

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4342

reference_id

reference_type

scores

value	0.03761
scoring_system	epss
scoring_elements	0.87981
published_at	2026-04-01T12:55:00Z

value	0.03761
scoring_system	epss
scoring_elements	0.87991
published_at	2026-04-02T12:55:00Z

value	0.03761
scoring_system	epss
scoring_elements	0.88005
published_at	2026-04-04T12:55:00Z

value	0.03761
scoring_system	epss
scoring_elements	0.8801
published_at	2026-04-07T12:55:00Z

value	0.03761
scoring_system	epss
scoring_elements	0.8803
published_at	2026-04-08T12:55:00Z

value	0.03761
scoring_system	epss
scoring_elements	0.88036
published_at	2026-04-09T12:55:00Z

value	0.03761
scoring_system	epss
scoring_elements	0.88046
published_at	2026-04-11T12:55:00Z

value	0.03761
scoring_system	epss
scoring_elements	0.88039
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4342

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2665
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2665

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2967
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2967

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4342
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4342

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4454
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4454

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8%2Bdeb8u6

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8%2Bdeb8u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8%252Bdeb8u6

url pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

purl pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8h%252Bds1-10%252Bdeb9u1

aliases CVE-2015-4342

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hwep-pw4e-efh5

url VCID-jg8r-f76d-rke1

vulnerability_id VCID-jg8r-f76d-rke1

summary cacti: Multiple cross-site scripting flaws

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4032.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4032.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-4032

reference_id

reference_type

scores

value	0.06761
scoring_system	epss
scoring_elements	0.91248
published_at	2026-04-01T12:55:00Z

value	0.06761
scoring_system	epss
scoring_elements	0.91252
published_at	2026-04-02T12:55:00Z

value	0.06761
scoring_system	epss
scoring_elements	0.91262
published_at	2026-04-04T12:55:00Z

value	0.06761
scoring_system	epss
scoring_elements	0.91269
published_at	2026-04-07T12:55:00Z

value	0.06761
scoring_system	epss
scoring_elements	0.91282
published_at	2026-04-08T12:55:00Z

value	0.06761
scoring_system	epss
scoring_elements	0.91288
published_at	2026-04-09T12:55:00Z

value	0.06761
scoring_system	epss
scoring_elements	0.91295
published_at	2026-04-11T12:55:00Z

value	0.06761
scoring_system	epss
scoring_elements	0.91298
published_at	2026-04-12T12:55:00Z

value	0.06761
scoring_system	epss
scoring_elements	0.91297
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-4032

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4032
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4032

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=541279
reference_id	541279
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=541279

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=561338
reference_id	561338
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=561338

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/33374.txt
reference_id	CVE-2009-4032;OSVDB-60566
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/33374.txt

reference_url	https://www.securityfocus.com/bid/37109/info
reference_id	CVE-2009-4032;OSVDB-60566
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/37109/info

fixed_packages

url pkg:deb/debian/cacti@0.8.7g-1%2Bsqueeze3

purl pkg:deb/debian/cacti@0.8.7g-1%2Bsqueeze3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-4ytj-s8hh-6bd5

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-ddq2-myvr-wfgz

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-jmv3-vh81-zfdq

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-p2u2-5yuu-jydy

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

100

vulnerability	VCID-ya95-dsw9-pfhw

101

vulnerability	VCID-ybx7-gpq4-33ha

102

vulnerability	VCID-yjny-ubdp-7few

103

vulnerability	VCID-ypan-57sx-vyam

104

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.7g-1%252Bsqueeze3

aliases CVE-2009-4032

risk_score 0.2

exploitability 2.0

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jg8r-f76d-rke1

url VCID-jkca-shmj-mbbu

vulnerability_id VCID-jkca-shmj-mbbu

summary Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, there is a file inclusion issue in the `lib/plugin.php` file. Combined with SQL injection vulnerabilities, remote code execution can be implemented. There is a file inclusion issue with the `api_plugin_hook()` function in the `lib/plugin.php` file, which reads the plugin_hooks and plugin_config tables in database. The read data is directly used to concatenate the file path which is used for file inclusion. Version 1.2.27 contains a patch for the issue.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-31459

reference_id

reference_type

scores

value	0.01844
scoring_system	epss
scoring_elements	0.82968
published_at	2026-04-13T12:55:00Z

value	0.01844
scoring_system	epss
scoring_elements	0.82921
published_at	2026-04-02T12:55:00Z

value	0.01844
scoring_system	epss
scoring_elements	0.82933
published_at	2026-04-04T12:55:00Z

value	0.01844
scoring_system	epss
scoring_elements	0.8293
published_at	2026-04-07T12:55:00Z

value	0.01844
scoring_system	epss
scoring_elements	0.82955
published_at	2026-04-08T12:55:00Z

value	0.01844
scoring_system	epss
scoring_elements	0.82962
published_at	2026-04-09T12:55:00Z

value	0.01844
scoring_system	epss
scoring_elements	0.82977
published_at	2026-04-11T12:55:00Z

value	0.01844
scoring_system	epss
scoring_elements	0.82972
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-31459

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31459
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31459

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv

reference_id

GHSA-cx8g-hvq8-p2rv

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-17T04:00:41Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r

reference_id

GHSA-gj3f-p326-gh8r

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-17T04:00:41Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-pfh9-gwm6-86vp

reference_id

GHSA-pfh9-gwm6-86vp

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-17T04:00:41Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-pfh9-gwm6-86vp

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/

reference_id

RBEOAFKRARQHTDIYSL723XAFJ2Q6624X

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-17T04:00:41Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/

reference_url	https://usn.ubuntu.com/6969-1/
reference_id	USN-6969-1
reference_type
scores
url	https://usn.ubuntu.com/6969-1/

fixed_packages

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5

aliases CVE-2024-31459

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jkca-shmj-mbbu

url VCID-jmv3-vh81-zfdq

vulnerability_id VCID-jmv3-vh81-zfdq

summary Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-48547

reference_id

reference_type

scores

value	0.00467
scoring_system	epss
scoring_elements	0.64434
published_at	2026-04-13T12:55:00Z

value	0.00467
scoring_system	epss
scoring_elements	0.64409
published_at	2026-04-02T12:55:00Z

value	0.00467
scoring_system	epss
scoring_elements	0.64438
published_at	2026-04-04T12:55:00Z

value	0.00467
scoring_system	epss
scoring_elements	0.64398
published_at	2026-04-07T12:55:00Z

value	0.00467
scoring_system	epss
scoring_elements	0.64446
published_at	2026-04-08T12:55:00Z

value	0.00467
scoring_system	epss
scoring_elements	0.64462
published_at	2026-04-12T12:55:00Z

value	0.00467
scoring_system	epss
scoring_elements	0.64474
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-48547

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48547
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48547

reference_url

https://github.com/Cacti/cacti/issues/1882

reference_id

1882

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:09:10Z/

url

https://github.com/Cacti/cacti/issues/1882

reference_url	https://security.gentoo.org/glsa/202412-02
reference_id	GLSA-202412-02
reference_type
scores
url	https://security.gentoo.org/glsa/202412-02

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

aliases CVE-2022-48547

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jmv3-vh81-zfdq

url VCID-k6z6-4pb4-tbeu

vulnerability_id VCID-k6z6-4pb4-tbeu

summary Multiple Cross Site Scripting (XSS) vulneratiblities exist in Cacti 1.2.12 in (1) reports_admin.php, (2) data_queries.php, (3) data_input.php, (4) graph_templates.php, (5) graphs.php, (6) reports_admin.php, and (7) data_input.php.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-23226

reference_id

reference_type

scores

value	0.01252
scoring_system	epss
scoring_elements	0.79296
published_at	2026-04-01T12:55:00Z

value	0.01252
scoring_system	epss
scoring_elements	0.79303
published_at	2026-04-02T12:55:00Z

value	0.01252
scoring_system	epss
scoring_elements	0.79327
published_at	2026-04-04T12:55:00Z

value	0.01252
scoring_system	epss
scoring_elements	0.79313
published_at	2026-04-07T12:55:00Z

value	0.01252
scoring_system	epss
scoring_elements	0.79338
published_at	2026-04-08T12:55:00Z

value	0.01252
scoring_system	epss
scoring_elements	0.79348
published_at	2026-04-09T12:55:00Z

value	0.01252
scoring_system	epss
scoring_elements	0.79371
published_at	2026-04-11T12:55:00Z

value	0.01252
scoring_system	epss
scoring_elements	0.79356
published_at	2026-04-12T12:55:00Z

value	0.01252
scoring_system	epss
scoring_elements	0.79345
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-23226

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23226
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23226

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2020-23226

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k6z6-4pb4-tbeu

url VCID-k7kv-za2s-dud5

vulnerability_id VCID-k7kv-za2s-dud5

summary Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the SQL statement in `create_all_header_nodes()` function from `lib/api_automation.php` , finally resulting in SQL injection. Using SQL based secondary injection technology, attackers can modify the contents of the Cacti database, and based on the modified content, it may be possible to achieve further impact, such as arbitrary file reading, and even remote code execution through arbitrary file writing. Version 1.2.27 contains a patch for the issue.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-31460

reference_id

reference_type

scores

value	0.01692
scoring_system	epss
scoring_elements	0.82247
published_at	2026-04-13T12:55:00Z

value	0.01692
scoring_system	epss
scoring_elements	0.82211
published_at	2026-04-04T12:55:00Z

value	0.01692
scoring_system	epss
scoring_elements	0.82207
published_at	2026-04-07T12:55:00Z

value	0.01692
scoring_system	epss
scoring_elements	0.82234
published_at	2026-04-08T12:55:00Z

value	0.01692
scoring_system	epss
scoring_elements	0.82241
published_at	2026-04-09T12:55:00Z

value	0.01692
scoring_system	epss
scoring_elements	0.8226
published_at	2026-04-11T12:55:00Z

value	0.01692
scoring_system	epss
scoring_elements	0.82253
published_at	2026-04-12T12:55:00Z

value	0.01692
scoring_system	epss
scoring_elements	0.82191
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-31460

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31460
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31460

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv

reference_id

GHSA-cx8g-hvq8-p2rv

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-13T17:23:51Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r

reference_id

GHSA-gj3f-p326-gh8r

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-13T17:23:51Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/

reference_id

RBEOAFKRARQHTDIYSL723XAFJ2Q6624X

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-13T17:23:51Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/

reference_url	https://usn.ubuntu.com/6969-1/
reference_id	USN-6969-1
reference_type
scores
url	https://usn.ubuntu.com/6969-1/

fixed_packages

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5

aliases CVE-2024-31460

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k7kv-za2s-dud5

url VCID-khhn-9sja-sfgr

vulnerability_id VCID-khhn-9sja-sfgr

summary Cacti is an open source performance and fault management framework. An authenticated Cacti user can abuse graph creation and graph template functionality to create arbitrary PHP scripts in the web root of the application, leading to remote code execution on the server. This vulnerability is fixed in 1.2.29.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-24367

reference_id

reference_type

scores

value	0.90486
scoring_system	epss
scoring_elements	0.99606
published_at	2026-04-04T12:55:00Z

value	0.90486
scoring_system	epss
scoring_elements	0.99609
published_at	2026-04-13T12:55:00Z

value	0.90486
scoring_system	epss
scoring_elements	0.99608
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-24367

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24367
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24367

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094574
reference_id	1094574
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094574

reference_url

https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0

reference_id

c7e4ee798d263a3209ae6e7ba182c7b65284d8f0

reference_type

scores

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-27T18:54:34Z/

url

https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-fxrq-fr7h-9rqq

reference_id

GHSA-fxrq-fr7h-9rqq

reference_type

scores

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-27T18:54:34Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-fxrq-fr7h-9rqq

fixed_packages

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5

aliases CVE-2025-24367

risk_score 10.0

exploitability 2.0

weighted_severity 7.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-khhn-9sja-sfgr

url VCID-kkn3-ars7-gkbk

vulnerability_id VCID-kkn3-ars7-gkbk

summary A cross-site scripting (XSS) vulnerability exists in color_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Name field for a Color.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20723

reference_id

reference_type

scores

value	0.00496
scoring_system	epss
scoring_elements	0.65813
published_at	2026-04-13T12:55:00Z

value	0.00496
scoring_system	epss
scoring_elements	0.65843
published_at	2026-04-12T12:55:00Z

value	0.00496
scoring_system	epss
scoring_elements	0.65729
published_at	2026-04-01T12:55:00Z

value	0.00496
scoring_system	epss
scoring_elements	0.65778
published_at	2026-04-02T12:55:00Z

value	0.00496
scoring_system	epss
scoring_elements	0.65808
published_at	2026-04-04T12:55:00Z

value	0.00496
scoring_system	epss
scoring_elements	0.65773
published_at	2026-04-07T12:55:00Z

value	0.00496
scoring_system	epss
scoring_elements	0.65826
published_at	2026-04-08T12:55:00Z

value	0.00496
scoring_system	epss
scoring_elements	0.65837
published_at	2026-04-09T12:55:00Z

value	0.00496
scoring_system	epss
scoring_elements	0.65856
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20723
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20723

reference_url	https://github.com/Cacti/cacti/blob/develop/CHANGELOG
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/blob/develop/CHANGELOG

reference_url	https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d

reference_url	https://github.com/Cacti/cacti/issues/2215
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/issues/2215

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-20723

reference_id

CVE-2018-20723

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:N/I:P/A:N

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-20723

fixed_packages

url pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

purl pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.2%252Bds1-2%252Bdeb10u4

aliases CVE-2018-20723

risk_score 2.1

exploitability 0.5

weighted_severity 4.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kkn3-ars7-gkbk

url VCID-m6nf-2ppj-4fhg

vulnerability_id VCID-m6nf-2ppj-4fhg

summary

Multiple vulnerabilities have been found in Cacti, allowing
    attackers to execute arbitrary code or perform XSS attacks.

references

reference_url	http://cacti.net/release_notes_0_8_7g.php
reference_id
reference_type
scores
url	http://cacti.net/release_notes_0_8_7g.php

reference_url	http://marc.info/?l=oss-security&m=127978954522586&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=oss-security&m=127978954522586&w=2

reference_url	http://marc.info/?l=oss-security&m=128017203704299&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=oss-security&m=128017203704299&w=2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2543.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2543.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2543

reference_id

reference_type

scores

value	0.10513
scoring_system	epss
scoring_elements	0.93257
published_at	2026-04-13T12:55:00Z

value	0.10513
scoring_system	epss
scoring_elements	0.93229
published_at	2026-04-01T12:55:00Z

value	0.10513
scoring_system	epss
scoring_elements	0.93238
published_at	2026-04-02T12:55:00Z

value	0.10513
scoring_system	epss
scoring_elements	0.93243
published_at	2026-04-04T12:55:00Z

value	0.10513
scoring_system	epss
scoring_elements	0.93241
published_at	2026-04-07T12:55:00Z

value	0.10513
scoring_system	epss
scoring_elements	0.9325
published_at	2026-04-08T12:55:00Z

value	0.10513
scoring_system	epss
scoring_elements	0.93254
published_at	2026-04-09T12:55:00Z

value	0.10513
scoring_system	epss
scoring_elements	0.93258
published_at	2026-04-11T12:55:00Z

value	0.10513
scoring_system	epss
scoring_elements	0.93256
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2543
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2543

reference_url	http://svn.cacti.net/viewvc/cacti/branches/0.8.7/include/top_graph_header.php?r1=6025&r2=6024
reference_id
reference_type
scores
url	http://svn.cacti.net/viewvc/cacti/branches/0.8.7/include/top_graph_header.php?r1=6025&r2=6024

reference_url	http://svn.cacti.net/viewvc?view=rev&revision=6025
reference_id
reference_type
scores
url	http://svn.cacti.net/viewvc?view=rev&revision=6025

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:160
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:160

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=541279
reference_id	541279
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=541279

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.5:-::::::
reference_id	cpe:2.3:a:cacti:cacti:0.5:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.5:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.1:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.2:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.3:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.4:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.5:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.7:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.8a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.1:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.2a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.3a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.4:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.5a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6c:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6d:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6d:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6d:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6f:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6f:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6f:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6g:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6g:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6g:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6h:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6h:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6h:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6i:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6i:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6i:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6j:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6j:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6j:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6k:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6k:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6k:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7d:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7e:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7e:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7e:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-2543

reference_id

CVE-2010-2543

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2010-2543

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/10234.txt
reference_id	CVE-2010-2543;OSVDB-60566;CVE-2009-4032
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/10234.txt

reference_url	https://security.gentoo.org/glsa/201401-20
reference_id	GLSA-201401-20
reference_type
scores
url	https://security.gentoo.org/glsa/201401-20

fixed_packages

url pkg:deb/debian/cacti@0.8.7g-1%2Bsqueeze3

purl pkg:deb/debian/cacti@0.8.7g-1%2Bsqueeze3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-4ytj-s8hh-6bd5

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-ddq2-myvr-wfgz

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-jmv3-vh81-zfdq

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-p2u2-5yuu-jydy

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

100

vulnerability	VCID-ya95-dsw9-pfhw

101

vulnerability	VCID-ybx7-gpq4-33ha

102

vulnerability	VCID-yjny-ubdp-7few

103

vulnerability	VCID-ypan-57sx-vyam

104

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.7g-1%252Bsqueeze3

aliases CVE-2010-2543

risk_score 7.8

exploitability 2.0

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m6nf-2ppj-4fhg

url VCID-mebp-4rfu-vqcq

vulnerability_id VCID-mebp-4rfu-vqcq

summary

DOMpurify has a nesting-based mXSS
DOMpurify was vulnerable to nesting-based mXSS 

fixed by [0ef5e537](https://github.com/cure53/DOMPurify/tree/0ef5e537a514f904b6aa1d7ad9e749e365d7185f) (2.x) and
[merge 943](https://github.com/cure53/DOMPurify/pull/943)

Backporter should be aware of GHSA-mmhx-hmjr-r674 (CVE-2024-45801) when cherry-picking

POC is avaible under [test](https://github.com/cure53/DOMPurify/blob/0ef5e537a514f904b6aa1d7ad9e749e365d7185f/test/test-suite.js#L2098)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47875.json

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47875.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-47875

reference_id

reference_type

scores

value	0.00699
scoring_system	epss
scoring_elements	0.71978
published_at	2026-04-13T12:55:00Z

value	0.00699
scoring_system	epss
scoring_elements	0.71993
published_at	2026-04-12T12:55:00Z

value	0.00699
scoring_system	epss
scoring_elements	0.7201
published_at	2026-04-11T12:55:00Z

value	0.00699
scoring_system	epss
scoring_elements	0.71986
published_at	2026-04-09T12:55:00Z

value	0.00699
scoring_system	epss
scoring_elements	0.71974
published_at	2026-04-08T12:55:00Z

value	0.00699
scoring_system	epss
scoring_elements	0.71935
published_at	2026-04-07T12:55:00Z

value	0.00699
scoring_system	epss
scoring_elements	0.71959
published_at	2026-04-04T12:55:00Z

value	0.00699
scoring_system	epss
scoring_elements	0.71939
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-47875

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47875
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47875

reference_url

http://seclists.org/fulldisclosure/2025/Apr/14

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

value	7.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:H/SA:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2025/Apr/14

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

value	7.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:H/SA:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/cure53/DOMPurify/blob/0ef5e537a514f904b6aa1d7ad9e749e365d7185f/test/test-suite.js#L2098

reference_url

reference_id

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

value	7.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:H/SA:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T19:27:35Z/

url

https://github.com/cure53/DOMPurify/blob/0ef5e537a514f904b6aa1d7ad9e749e365d7185f/test/test-suite.js#L2098

reference_url

https://github.com/cure53/DOMPurify/commit/0ef5e537a514f904b6aa1d7ad9e749e365d7185f

reference_id

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

value	7.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:H/SA:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T19:27:35Z/

url

https://github.com/cure53/DOMPurify/commit/0ef5e537a514f904b6aa1d7ad9e749e365d7185f

reference_url

https://github.com/cure53/DOMPurify/commit/6ea80cd8b47640c20f2f230c7920b1f4ce4fdf7a

reference_id

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

value	7.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:H/SA:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T19:27:35Z/

url

https://github.com/cure53/DOMPurify/commit/6ea80cd8b47640c20f2f230c7920b1f4ce4fdf7a

reference_url

https://github.com/cure53/DOMPurify/security/advisories/GHSA-gx9m-whjm-85jf

reference_id

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	7.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:H/SA:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T19:27:35Z/

url

https://github.com/cure53/DOMPurify/security/advisories/GHSA-gx9m-whjm-85jf

reference_url

https://lists.debian.org/debian-lts-announce/2025/02/msg00010.html

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

value	7.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:H/SA:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/02/msg00010.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-47875

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

value	7.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:H/SA:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-47875

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084983
reference_id	1084983
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1084983

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2318052
reference_id	2318052
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2318052

reference_url

https://github.com/advisories/GHSA-gx9m-whjm-85jf

reference_id

GHSA-gx9m-whjm-85jf

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-gx9m-whjm-85jf

reference_url	https://access.redhat.com/errata/RHSA-2024:10236
reference_id	RHSA-2024:10236
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10236

reference_url	https://access.redhat.com/errata/RHSA-2024:10988
reference_id	RHSA-2024:10988
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10988

reference_url	https://access.redhat.com/errata/RHSA-2024:8683
reference_id	RHSA-2024:8683
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8683

reference_url	https://access.redhat.com/errata/RHSA-2024:8981
reference_id	RHSA-2024:8981
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8981

reference_url	https://access.redhat.com/errata/RHSA-2024:9473
reference_id	RHSA-2024:9473
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9473

reference_url	https://access.redhat.com/errata/RHSA-2024:9629
reference_id	RHSA-2024:9629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9629

reference_url	https://access.redhat.com/errata/RHSA-2025:0329
reference_id	RHSA-2025:0329
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0329

fixed_packages

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5

aliases CVE-2024-47875, GHSA-gx9m-whjm-85jf

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mebp-4rfu-vqcq

url VCID-nbfc-ex1y-37he

vulnerability_id VCID-nbfc-ex1y-37he

summary A cross-site scripting (XSS) vulnerability exists in host.php (via tree.php) in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20726

reference_id

reference_type

scores

value	0.0051
scoring_system	epss
scoring_elements	0.66396
published_at	2026-04-13T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66426
published_at	2026-04-12T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66322
published_at	2026-04-01T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66361
published_at	2026-04-02T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66387
published_at	2026-04-04T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66357
published_at	2026-04-07T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66405
published_at	2026-04-08T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66419
published_at	2026-04-09T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66439
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20726

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20726
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20726

reference_url	https://github.com/Cacti/cacti/blob/develop/CHANGELOG
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/blob/develop/CHANGELOG

reference_url	https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/commit/80c2a88fb2afb93f87703ba4641f9970478c102d

reference_url	https://github.com/Cacti/cacti/issues/2213
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/issues/2213

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-20726

reference_id

CVE-2018-20726

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:N/I:P/A:N

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-20726

fixed_packages

url pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

purl pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.2%252Bds1-2%252Bdeb10u4

aliases CVE-2018-20726

risk_score 2.5

exploitability 0.5

weighted_severity 4.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nbfc-ex1y-37he

url VCID-p2u2-5yuu-jydy

vulnerability_id VCID-p2u2-5yuu-jydy

summary As an unauthenticated remote user, visit "http://<CACTI_SERVER>/auth_changepassword.php?ref=<script>alert(1)</script>" to successfully execute the JavaScript payload present in the "ref" URL parameter.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-26247

reference_id

reference_type

scores

value	0.21043
scoring_system	epss
scoring_elements	0.95609
published_at	2026-04-01T12:55:00Z

value	0.21043
scoring_system	epss
scoring_elements	0.95617
published_at	2026-04-02T12:55:00Z

value	0.21043
scoring_system	epss
scoring_elements	0.95623
published_at	2026-04-04T12:55:00Z

value	0.21043
scoring_system	epss
scoring_elements	0.95625
published_at	2026-04-07T12:55:00Z

value	0.21043
scoring_system	epss
scoring_elements	0.95634
published_at	2026-04-08T12:55:00Z

value	0.21043
scoring_system	epss
scoring_elements	0.95637
published_at	2026-04-09T12:55:00Z

value	0.21043
scoring_system	epss
scoring_elements	0.95642
published_at	2026-04-12T12:55:00Z

value	0.21043
scoring_system	epss
scoring_elements	0.95644
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-26247

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26247
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26247

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

aliases CVE-2021-26247

risk_score 0.1

exploitability 0.5

weighted_severity 0.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p2u2-5yuu-jydy

url VCID-p74d-rbz3-sbb3

vulnerability_id VCID-p74d-rbz3-sbb3

summary An SQL injection vulnerability has been discovered in Cacti.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6035.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6035.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-6035

reference_id

reference_type

scores

value	0.04526
scoring_system	epss
scoring_elements	0.89113
published_at	2026-04-01T12:55:00Z

value	0.04526
scoring_system	epss
scoring_elements	0.89121
published_at	2026-04-02T12:55:00Z

value	0.04526
scoring_system	epss
scoring_elements	0.89136
published_at	2026-04-04T12:55:00Z

value	0.04526
scoring_system	epss
scoring_elements	0.89138
published_at	2026-04-07T12:55:00Z

value	0.04526
scoring_system	epss
scoring_elements	0.89156
published_at	2026-04-08T12:55:00Z

value	0.04526
scoring_system	epss
scoring_elements	0.89161
published_at	2026-04-09T12:55:00Z

value	0.04526
scoring_system	epss
scoring_elements	0.89171
published_at	2026-04-11T12:55:00Z

value	0.04526
scoring_system	epss
scoring_elements	0.89167
published_at	2026-04-12T12:55:00Z

value	0.04526
scoring_system	epss
scoring_elements	0.89165
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-6035

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6035
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6035

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=391691
reference_id	391691
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=391691

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=452085
reference_id	452085
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=452085

reference_url	https://security.gentoo.org/glsa/200712-02
reference_id	GLSA-200712-02
reference_type
scores
url	https://security.gentoo.org/glsa/200712-02

fixed_packages

url pkg:deb/debian/cacti@0.8.7b-2.1%2Blenny5

purl pkg:deb/debian/cacti@0.8.7b-2.1%2Blenny5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-4ytj-s8hh-6bd5

vulnerability	VCID-5dm9-jpwc-gkeu

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6dxh-qpg7-q7g8

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-88mp-1anp-m3g5

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-ddq2-myvr-wfgz

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-dycc-rydh-kycy

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jg8r-f76d-rke1

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-jmv3-vh81-zfdq

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-m6nf-2ppj-4fhg

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-p2u2-5yuu-jydy

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-sdme-n5ez-67fw

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

100

vulnerability	VCID-wrxa-2us4-vkf9

101

vulnerability	VCID-ws4h-295a-9qgx

102

vulnerability	VCID-x1fg-6mq4-d7ds

103

vulnerability	VCID-xbb2-av4z-m3dp

104

vulnerability	VCID-xdbp-7rtr-fyb7

105

vulnerability	VCID-xpvn-y3b8-skgb

106

vulnerability	VCID-y683-kz6e-afhv

107

vulnerability	VCID-y6jw-jm1g-ubgx

108

vulnerability	VCID-ya95-dsw9-pfhw

109

vulnerability	VCID-ybx7-gpq4-33ha

110

vulnerability	VCID-yjny-ubdp-7few

111

vulnerability	VCID-ypan-57sx-vyam

112

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.7b-2.1%252Blenny5

aliases CVE-2007-6035

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p74d-rbz3-sbb3

url VCID-pau5-hfbv-nucp

vulnerability_id VCID-pau5-hfbv-nucp

summary Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-39513

reference_id

reference_type

scores

value	0.00296
scoring_system	epss
scoring_elements	0.52839
published_at	2026-04-02T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52865
published_at	2026-04-04T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52832
published_at	2026-04-07T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52884
published_at	2026-04-08T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52878
published_at	2026-04-09T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52928
published_at	2026-04-11T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52912
published_at	2026-04-12T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52895
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-39513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088

reference_url	https://security.gentoo.org/glsa/202412-02
reference_id	GLSA-202412-02
reference_type
scores
url	https://security.gentoo.org/glsa/202412-02

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2023-39513

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pau5-hfbv-nucp

url VCID-pwrm-brmn-j7cc

vulnerability_id VCID-pwrm-brmn-j7cc

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-2328

reference_id

reference_type

scores

value	0.01128
scoring_system	epss
scoring_elements	0.78244
published_at	2026-04-01T12:55:00Z

value	0.01128
scoring_system	epss
scoring_elements	0.78252
published_at	2026-04-02T12:55:00Z

value	0.01128
scoring_system	epss
scoring_elements	0.78284
published_at	2026-04-04T12:55:00Z

value	0.01128
scoring_system	epss
scoring_elements	0.78265
published_at	2026-04-07T12:55:00Z

value	0.01128
scoring_system	epss
scoring_elements	0.78291
published_at	2026-04-08T12:55:00Z

value	0.01128
scoring_system	epss
scoring_elements	0.78297
published_at	2026-04-09T12:55:00Z

value	0.01128
scoring_system	epss
scoring_elements	0.78323
published_at	2026-04-11T12:55:00Z

value	0.01128
scoring_system	epss
scoring_elements	0.78305
published_at	2026-04-12T12:55:00Z

value	0.01128
scoring_system	epss
scoring_elements	0.78301
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-2328

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2327
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2327

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4002

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768
reference_id	742768
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768

reference_url	https://security.gentoo.org/glsa/201509-03
reference_id	GLSA-201509-03
reference_type
scores
url	https://security.gentoo.org/glsa/201509-03

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8

aliases CVE-2014-2328

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pwrm-brmn-j7cc

url VCID-q88b-smmh-77ga

vulnerability_id VCID-q88b-smmh-77ga

summary Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remote_agent.php request containing PHP code in a Client-ip header.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-16660

reference_id

reference_type

scores

value	0.01457
scoring_system	epss
scoring_elements	0.80764
published_at	2026-04-01T12:55:00Z

value	0.01457
scoring_system	epss
scoring_elements	0.80772
published_at	2026-04-02T12:55:00Z

value	0.01457
scoring_system	epss
scoring_elements	0.80793
published_at	2026-04-04T12:55:00Z

value	0.01457
scoring_system	epss
scoring_elements	0.8079
published_at	2026-04-07T12:55:00Z

value	0.01457
scoring_system	epss
scoring_elements	0.80817
published_at	2026-04-08T12:55:00Z

value	0.01457
scoring_system	epss
scoring_elements	0.80826
published_at	2026-04-09T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.85723
published_at	2026-04-11T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.8572
published_at	2026-04-12T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.85716
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16660

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16660
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16660

reference_url	https://github.com/Cacti/cacti/issues/1066
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/issues/1066

reference_url	https://security.archlinux.org/ASA-201712-2
reference_id	ASA-201712-2
reference_type
scores
url	https://security.archlinux.org/ASA-201712-2

reference_url

reference_id

AVG-537

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-16660

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_id	cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*

reference_url

reference_id

CVE-2017-16660

reference_type

scores

value	9.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:C/I:C/A:C

value	7.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-16660

fixed_packages

url pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

purl pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.2%252Bds1-2%252Bdeb10u4

aliases CVE-2017-16660

risk_score 4.0

exploitability 0.5

weighted_severity 8.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q88b-smmh-77ga

url VCID-qbvv-frc2-rqbk

vulnerability_id VCID-qbvv-frc2-rqbk

summary lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=save request to settings.php.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-16641

reference_id

reference_type

scores

value	0.00465
scoring_system	epss
scoring_elements	0.64294
published_at	2026-04-01T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.64351
published_at	2026-04-02T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.6438
published_at	2026-04-04T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.64339
published_at	2026-04-07T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.64387
published_at	2026-04-08T12:55:00Z

value	0.00465
scoring_system	epss
scoring_elements	0.64402
published_at	2026-04-09T12:55:00Z

value	0.0126
scoring_system	epss
scoring_elements	0.79432
published_at	2026-04-11T12:55:00Z

value	0.0126
scoring_system	epss
scoring_elements	0.79415
published_at	2026-04-12T12:55:00Z

value	0.0126
scoring_system	epss
scoring_elements	0.79404
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16641

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16641
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16641

reference_url	https://github.com/Cacti/cacti/issues/1057
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/issues/1057

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881110
reference_id	881110
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881110

reference_url	https://security.archlinux.org/ASA-201712-2
reference_id	ASA-201712-2
reference_type
scores
url	https://security.archlinux.org/ASA-201712-2

reference_url

reference_id

AVG-537

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-16641

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_id	cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*

reference_url

reference_id

CVE-2017-16641

reference_type

scores

value	9.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:C/I:C/A:C

value	7.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-16641

fixed_packages

url pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

purl pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.2%252Bds1-2%252Bdeb10u4

aliases CVE-2017-16641

risk_score 4.0

exploitability 0.5

weighted_severity 8.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qbvv-frc2-rqbk

url VCID-qncj-2u1d-7bgu

vulnerability_id VCID-qncj-2u1d-7bgu

summary In clearFilter() in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string (SNMP Options) in the View poller cache, leading to XSS.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11025

reference_id

reference_type

scores

value	0.0064
scoring_system	epss
scoring_elements	0.70537
published_at	2026-04-13T12:55:00Z

value	0.0064
scoring_system	epss
scoring_elements	0.70551
published_at	2026-04-12T12:55:00Z

value	0.0064
scoring_system	epss
scoring_elements	0.70472
published_at	2026-04-01T12:55:00Z

value	0.0064
scoring_system	epss
scoring_elements	0.70486
published_at	2026-04-02T12:55:00Z

value	0.0064
scoring_system	epss
scoring_elements	0.70504
published_at	2026-04-04T12:55:00Z

value	0.0064
scoring_system	epss
scoring_elements	0.70481
published_at	2026-04-07T12:55:00Z

value	0.0064
scoring_system	epss
scoring_elements	0.70527
published_at	2026-04-08T12:55:00Z

value	0.0064
scoring_system	epss
scoring_elements	0.70542
published_at	2026-04-09T12:55:00Z

value	0.0064
scoring_system	epss
scoring_elements	0.70566
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11025

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11025
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11025

reference_url	https://github.com/Cacti/cacti/compare/6ea486a...99995bb
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/compare/6ea486a...99995bb

reference_url	https://github.com/Cacti/cacti/issues/2581
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/issues/2581

reference_url	https://lists.debian.org/debian-lts-announce/2019/04/msg00017.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/04/msg00017.html

reference_url	https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926700
reference_id	926700
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926700

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-11025

reference_id

CVE-2019-11025

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:N/I:P/A:N

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-11025

fixed_packages

url pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

purl pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.2%252Bds1-2%252Bdeb10u4

aliases CVE-2019-11025

risk_score 2.5

exploitability 0.5

weighted_severity 4.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qncj-2u1d-7bgu

url VCID-qnz1-w7bb-97ee

vulnerability_id VCID-qnz1-w7bb-97ee

summary Cross Site Scripting (XSS) vulnerability in Cacti 1.2.21 via crafted POST request to graphs_new.php.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-41444

reference_id

reference_type

scores

value	0.00285
scoring_system	epss
scoring_elements	0.5187
published_at	2026-04-13T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.51812
published_at	2026-04-02T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.51838
published_at	2026-04-04T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.51799
published_at	2026-04-07T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.51854
published_at	2026-04-08T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.51851
published_at	2026-04-09T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.51903
published_at	2026-04-11T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.51885
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-41444

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41444
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41444

reference_url

https://gist.github.com/enferas/9079535112e4f4ff2c1d2ce1c099d4c2

reference_id

9079535112e4f4ff2c1d2ce1c099d4c2

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:41:35Z/

url

https://gist.github.com/enferas/9079535112e4f4ff2c1d2ce1c099d4c2

fixed_packages

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5

aliases CVE-2022-41444

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qnz1-w7bb-97ee

url VCID-qvkt-vk55-4bbx

vulnerability_id VCID-qvkt-vk55-4bbx

summary A vulnerability in Cacti could lead to remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-35701

reference_id

reference_type

scores

value	0.01839
scoring_system	epss
scoring_elements	0.82949
published_at	2026-04-13T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82885
published_at	2026-04-01T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82901
published_at	2026-04-02T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82914
published_at	2026-04-04T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.8291
published_at	2026-04-07T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82936
published_at	2026-04-08T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82943
published_at	2026-04-09T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82958
published_at	2026-04-11T12:55:00Z

value	0.01839
scoring_system	epss
scoring_elements	0.82953
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-35701

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35701
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35701

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979998
reference_id	979998
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979998

reference_url

https://security.archlinux.org/AVG-1433

reference_id

AVG-1433

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1433

reference_url	https://security.gentoo.org/glsa/202101-31
reference_id	GLSA-202101-31
reference_type
scores
url	https://security.gentoo.org/glsa/202101-31

reference_url	https://usn.ubuntu.com/USN-5214-1/
reference_id	USN-USN-5214-1
reference_type
scores
url	https://usn.ubuntu.com/USN-5214-1/

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2020-35701

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qvkt-vk55-4bbx

url VCID-rftg-byj2-jkh9

vulnerability_id VCID-rftg-byj2-jkh9

summary Cacti before 1.2.6 allows IDOR (Insecure Direct Object Reference) for accessing any graph via a modified local_graph_id parameter to graph_xport.php. This is a different vulnerability than CVE-2019-16723.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-37543

reference_id

reference_type

scores

value	0.00617
scoring_system	epss
scoring_elements	0.69943
published_at	2026-04-13T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.69957
published_at	2026-04-12T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.69893
published_at	2026-04-02T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.69907
published_at	2026-04-04T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.69884
published_at	2026-04-07T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.69932
published_at	2026-04-08T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.69949
published_at	2026-04-09T12:55:00Z

value	0.00617
scoring_system	epss
scoring_elements	0.69972
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-37543

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37543
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37543

reference_url

https://medium.com/%40hussainfathy99/exciting-news-my-first-cve-discovery-cve-2023-37543-idor-vulnerability-in-cacti-bbb6c386afed

reference_id

exciting-news-my-first-cve-discovery-cve-2023-37543-idor-vulnerability-in-cacti-bbb6c386afed

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T20:34:34Z/

url

https://medium.com/%40hussainfathy99/exciting-news-my-first-cve-discovery-cve-2023-37543-idor-vulnerability-in-cacti-bbb6c386afed

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-4x82-8w8m-w8hj

reference_id

GHSA-4x82-8w8m-w8hj

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T20:34:34Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-4x82-8w8m-w8hj

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2023-37543

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rftg-byj2-jkh9

url VCID-rrpb-xhca-dkcf

vulnerability_id VCID-rrpb-xhca-dkcf

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-2327

reference_id

reference_type

scores

value	0.00424
scoring_system	epss
scoring_elements	0.62069
published_at	2026-04-01T12:55:00Z

value	0.00424
scoring_system	epss
scoring_elements	0.62128
published_at	2026-04-02T12:55:00Z

value	0.00424
scoring_system	epss
scoring_elements	0.6216
published_at	2026-04-04T12:55:00Z

value	0.00424
scoring_system	epss
scoring_elements	0.62129
published_at	2026-04-07T12:55:00Z

value	0.00424
scoring_system	epss
scoring_elements	0.62179
published_at	2026-04-08T12:55:00Z

value	0.00424
scoring_system	epss
scoring_elements	0.62196
published_at	2026-04-09T12:55:00Z

value	0.00424
scoring_system	epss
scoring_elements	0.62214
published_at	2026-04-11T12:55:00Z

value	0.00424
scoring_system	epss
scoring_elements	0.62204
published_at	2026-04-12T12:55:00Z

value	0.00424
scoring_system	epss
scoring_elements	0.62183
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-2327

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2327
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2327

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4002

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768
reference_id	742768
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742768

reference_url	https://security.gentoo.org/glsa/201509-03
reference_id	GLSA-201509-03
reference_type
scores
url	https://security.gentoo.org/glsa/201509-03

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8

aliases CVE-2014-2327

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rrpb-xhca-dkcf

url VCID-s8du-gzj2-gkc1

vulnerability_id VCID-s8du-gzj2-gkc1

summary Cacti is an open source performance and fault management framework. The `title` parameter is not properly sanitized when saving external links in links.php . Morever, the said title parameter is stored in the database and reflected back to user in index.php, finally leading to stored XSS. Users with the privilege to create external links can manipulate the `title` parameter in the http post request while creating external links to perform stored XSS attacks. The vulnerability known as XSS (Cross-Site Scripting) occurs when an application allows untrusted user input to be displayed on a web page without proper validation or escaping. This issue has been addressed in release version 1.2.28. All users are advised to upgrade. There are no known workarounds for this vulnerability.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-43364

reference_id

reference_type

scores

value	0.05293
scoring_system	epss
scoring_elements	0.90016
published_at	2026-04-13T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.90014
published_at	2026-04-09T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.90024
published_at	2026-04-11T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.90022
published_at	2026-04-12T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.89988
published_at	2026-04-04T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.89993
published_at	2026-04-07T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.90009
published_at	2026-04-08T12:55:00Z

value	0.07542
scoring_system	epss
scoring_elements	0.91788
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-43364

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43364
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43364

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-fgc6-g8gc-wcg5

reference_id

GHSA-fgc6-g8gc-wcg5

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-08T13:58:27Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-fgc6-g8gc-wcg5

fixed_packages

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5

aliases CVE-2024-43364

risk_score 2.5

exploitability 0.5

weighted_severity 5.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s8du-gzj2-gkc1

url VCID-sb43-hapb-1uf2

vulnerability_id VCID-sb43-hapb-1uf2

summary Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-39357

reference_id

reference_type

scores

value	0.03246
scoring_system	epss
scoring_elements	0.87071
published_at	2026-04-02T12:55:00Z

value	0.03246
scoring_system	epss
scoring_elements	0.8709
published_at	2026-04-04T12:55:00Z

value	0.03246
scoring_system	epss
scoring_elements	0.87083
published_at	2026-04-07T12:55:00Z

value	0.03246
scoring_system	epss
scoring_elements	0.87103
published_at	2026-04-08T12:55:00Z

value	0.03246
scoring_system	epss
scoring_elements	0.87111
published_at	2026-04-09T12:55:00Z

value	0.03246
scoring_system	epss
scoring_elements	0.87124
published_at	2026-04-11T12:55:00Z

value	0.03246
scoring_system	epss
scoring_elements	0.87119
published_at	2026-04-12T12:55:00Z

value	0.03246
scoring_system	epss
scoring_elements	0.87114
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-39357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516

reference_url	https://security.gentoo.org/glsa/202412-02
reference_id	GLSA-202412-02
reference_type
scores
url	https://security.gentoo.org/glsa/202412-02

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2023-39357

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sb43-hapb-1uf2

url VCID-scas-pk48-tyc4

vulnerability_id VCID-scas-pk48-tyc4

summary Multiple vulnerabilities were discovered in Cacti.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-0783

reference_id

reference_type

scores

value	0.03843
scoring_system	epss
scoring_elements	0.88126
published_at	2026-04-01T12:55:00Z

value	0.03843
scoring_system	epss
scoring_elements	0.88134
published_at	2026-04-02T12:55:00Z

value	0.03843
scoring_system	epss
scoring_elements	0.8815
published_at	2026-04-04T12:55:00Z

value	0.03843
scoring_system	epss
scoring_elements	0.88156
published_at	2026-04-07T12:55:00Z

value	0.03843
scoring_system	epss
scoring_elements	0.88176
published_at	2026-04-08T12:55:00Z

value	0.03843
scoring_system	epss
scoring_elements	0.88182
published_at	2026-04-09T12:55:00Z

value	0.03843
scoring_system	epss
scoring_elements	0.88192
published_at	2026-04-11T12:55:00Z

value	0.03843
scoring_system	epss
scoring_elements	0.88185
published_at	2026-04-12T12:55:00Z

value	0.03843
scoring_system	epss
scoring_elements	0.88186
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-0783

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0783
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0783

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530919
reference_id	530919
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530919

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/31157.txt
reference_id	CVE-2008-0783;OSVDB-41740
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/31157.txt

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/31158.txt
reference_id	CVE-2008-0783;OSVDB-41781
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/31158.txt

reference_url	https://security.gentoo.org/glsa/200803-18
reference_id	GLSA-200803-18
reference_type
scores
url	https://security.gentoo.org/glsa/200803-18

fixed_packages

url pkg:deb/debian/cacti@0.8.7b-2.1%2Blenny5

purl pkg:deb/debian/cacti@0.8.7b-2.1%2Blenny5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-4ytj-s8hh-6bd5

vulnerability	VCID-5dm9-jpwc-gkeu

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6dxh-qpg7-q7g8

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-88mp-1anp-m3g5

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-ddq2-myvr-wfgz

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-dycc-rydh-kycy

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jg8r-f76d-rke1

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-jmv3-vh81-zfdq

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-m6nf-2ppj-4fhg

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-p2u2-5yuu-jydy

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-sdme-n5ez-67fw

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

100

vulnerability	VCID-wrxa-2us4-vkf9

101

vulnerability	VCID-ws4h-295a-9qgx

102

vulnerability	VCID-x1fg-6mq4-d7ds

103

vulnerability	VCID-xbb2-av4z-m3dp

104

vulnerability	VCID-xdbp-7rtr-fyb7

105

vulnerability	VCID-xpvn-y3b8-skgb

106

vulnerability	VCID-y683-kz6e-afhv

107

vulnerability	VCID-y6jw-jm1g-ubgx

108

vulnerability	VCID-ya95-dsw9-pfhw

109

vulnerability	VCID-ybx7-gpq4-33ha

110

vulnerability	VCID-yjny-ubdp-7few

111

vulnerability	VCID-ypan-57sx-vyam

112

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.7b-2.1%252Blenny5

aliases CVE-2008-0783

risk_score null

exploitability 2.0

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-scas-pk48-tyc4

url VCID-sdme-n5ez-67fw

vulnerability_id VCID-sdme-n5ez-67fw

summary cacti: SQL injection vulnerability (BONSAI-2010-0104)

references

reference_url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578909
reference_id
reference_type
scores
url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578909

reference_url	http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1431.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1431.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-1431

reference_id

reference_type

scores

value	0.06138
scoring_system	epss
scoring_elements	0.90816
published_at	2026-04-13T12:55:00Z

value	0.06138
scoring_system	epss
scoring_elements	0.90764
published_at	2026-04-01T12:55:00Z

value	0.06138
scoring_system	epss
scoring_elements	0.9077
published_at	2026-04-02T12:55:00Z

value	0.06138
scoring_system	epss
scoring_elements	0.90781
published_at	2026-04-04T12:55:00Z

value	0.06138
scoring_system	epss
scoring_elements	0.90792
published_at	2026-04-07T12:55:00Z

value	0.06138
scoring_system	epss
scoring_elements	0.90802
published_at	2026-04-08T12:55:00Z

value	0.06138
scoring_system	epss
scoring_elements	0.90809
published_at	2026-04-09T12:55:00Z

value	0.06138
scoring_system	epss
scoring_elements	0.90818
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-1431

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1431
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1431

reference_url	http://seclists.org/fulldisclosure/2010/Apr/272
reference_id
reference_type
scores
url	http://seclists.org/fulldisclosure/2010/Apr/272

reference_url	http://secunia.com/advisories/39568
reference_id
reference_type
scores
url	http://secunia.com/advisories/39568

reference_url	http://secunia.com/advisories/39572
reference_id
reference_type
scores
url	http://secunia.com/advisories/39572

reference_url	http://secunia.com/advisories/41041
reference_id
reference_type
scores
url	http://secunia.com/advisories/41041

reference_url	https://rhn.redhat.com/errata/RHSA-2010-0635.html
reference_id
reference_type
scores
url	https://rhn.redhat.com/errata/RHSA-2010-0635.html

reference_url	http://www.cacti.net/downloads/patches/0.8.7e/sql_injection_template_export.patch
reference_id
reference_type
scores
url	http://www.cacti.net/downloads/patches/0.8.7e/sql_injection_template_export.patch

reference_url	http://www.debian.org/security/2010/dsa-2039
reference_id
reference_type
scores
url	http://www.debian.org/security/2010/dsa-2039

reference_url	http://www.exploit-db.com/sploits/Bonsai-SQL_Injection_in_Cacti.pdf
reference_id
reference_type
scores
url	http://www.exploit-db.com/sploits/Bonsai-SQL_Injection_in_Cacti.pdf

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:092
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:092

reference_url	http://www.securityfocus.com/bid/39653
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/39653

reference_url	http://www.vupen.com/english/advisories/2010/0986
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/0986

reference_url	http://www.vupen.com/english/advisories/2010/1107
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/1107

reference_url	http://www.vupen.com/english/advisories/2010/2132
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/2132

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578909
reference_id	578909
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578909

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=585401
reference_id	585401
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=585401

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.5:-::::::
reference_id	cpe:2.3:a:cacti:cacti:0.5:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.5:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.1:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.2:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.3:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.4:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.5:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.7:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.8a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.1:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.2a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.3a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.4:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.5a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6c:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6d:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6d:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6d:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6f:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6f:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6f:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6g:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6g:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6g:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6h:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6h:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6h:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6i:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6i:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6i:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6j:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6j:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6j:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6k:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6k:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6k:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7d:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-1431

reference_id

CVE-2010-1431

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2010-1431

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/12338.txt
reference_id	CVE-2010-1431;OSVDB-63967
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/12338.txt

fixed_packages

url pkg:deb/debian/cacti@0.8.7g-1%2Bsqueeze3

purl pkg:deb/debian/cacti@0.8.7g-1%2Bsqueeze3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-4ytj-s8hh-6bd5

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-ddq2-myvr-wfgz

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-jmv3-vh81-zfdq

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-p2u2-5yuu-jydy

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

100

vulnerability	VCID-ya95-dsw9-pfhw

101

vulnerability	VCID-ybx7-gpq4-33ha

102

vulnerability	VCID-yjny-ubdp-7few

103

vulnerability	VCID-ypan-57sx-vyam

104

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.7g-1%252Bsqueeze3

aliases CVE-2010-1431

risk_score 10.0

exploitability 2.0

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sdme-n5ez-67fw

url VCID-ses2-y1j2-vbbx

vulnerability_id VCID-ses2-y1j2-vbbx

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could result in the arbitrary execution of code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14295

reference_id

reference_type

scores

value	0.81199
scoring_system	epss
scoring_elements	0.99156
published_at	2026-04-01T12:55:00Z

value	0.81199
scoring_system	epss
scoring_elements	0.99157
published_at	2026-04-02T12:55:00Z

value	0.81199
scoring_system	epss
scoring_elements	0.99159
published_at	2026-04-04T12:55:00Z

value	0.81199
scoring_system	epss
scoring_elements	0.99162
published_at	2026-04-07T12:55:00Z

value	0.81199
scoring_system	epss
scoring_elements	0.99164
published_at	2026-04-13T12:55:00Z

value	0.81199
scoring_system	epss
scoring_elements	0.99165
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14295

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14295
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14295

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=963139
reference_id	963139
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=963139

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/49810.py
reference_id	CVE-2020-14295
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/49810.py

reference_url	https://usn.ubuntu.com/USN-5214-1/
reference_id	USN-USN-5214-1
reference_type
scores
url	https://usn.ubuntu.com/USN-5214-1/

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2020-14295

risk_score 1.4

exploitability 2.0

weighted_severity 0.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ses2-y1j2-vbbx

url VCID-sx2t-uzae-2fh9

vulnerability_id VCID-sx2t-uzae-2fh9

summary Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the get_discovery_results function of automation_devices.php using the network parameter. This vulnerability is fixed in 1.2.29.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-54145

reference_id

reference_type

scores

value	0.00084
scoring_system	epss
scoring_elements	0.24603
published_at	2026-04-02T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24415
published_at	2026-04-07T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.2464
published_at	2026-04-04T12:55:00Z

value	0.0018
scoring_system	epss
scoring_elements	0.39587
published_at	2026-04-13T12:55:00Z

value	0.0018
scoring_system	epss
scoring_elements	0.39616
published_at	2026-04-08T12:55:00Z

value	0.0018
scoring_system	epss
scoring_elements	0.39631
published_at	2026-04-09T12:55:00Z

value	0.0018
scoring_system	epss
scoring_elements	0.3964
published_at	2026-04-11T12:55:00Z

value	0.0018
scoring_system	epss
scoring_elements	0.39604
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-54145

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54145
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54145

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094574
reference_id	1094574
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094574

reference_url

https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0

reference_id

c7e4ee798d263a3209ae6e7ba182c7b65284d8f0

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T18:46:54Z/

url

https://github.com/Cacti/cacti/commit/c7e4ee798d263a3209ae6e7ba182c7b65284d8f0

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-fh3x-69rr-qqpp

reference_id

GHSA-fh3x-69rr-qqpp

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T18:46:54Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-fh3x-69rr-qqpp

fixed_packages

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5

aliases CVE-2024-54145

risk_score 2.9

exploitability 0.5

weighted_severity 5.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sx2t-uzae-2fh9

url VCID-t9my-r77a-w7ga

vulnerability_id VCID-t9my-r77a-w7ga

summary Multiple vulnerabilities were discovered in Cacti.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-0786

reference_id

reference_type

scores

value	0.01287
scoring_system	epss
scoring_elements	0.79584
published_at	2026-04-01T12:55:00Z

value	0.01287
scoring_system	epss
scoring_elements	0.79591
published_at	2026-04-02T12:55:00Z

value	0.01287
scoring_system	epss
scoring_elements	0.79614
published_at	2026-04-04T12:55:00Z

value	0.01287
scoring_system	epss
scoring_elements	0.79601
published_at	2026-04-07T12:55:00Z

value	0.01287
scoring_system	epss
scoring_elements	0.79629
published_at	2026-04-08T12:55:00Z

value	0.01287
scoring_system	epss
scoring_elements	0.79637
published_at	2026-04-09T12:55:00Z

value	0.01287
scoring_system	epss
scoring_elements	0.79658
published_at	2026-04-11T12:55:00Z

value	0.01287
scoring_system	epss
scoring_elements	0.79642
published_at	2026-04-12T12:55:00Z

value	0.01287
scoring_system	epss
scoring_elements	0.79635
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-0786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0786

reference_url	https://security.gentoo.org/glsa/200803-18
reference_id	GLSA-200803-18
reference_type
scores
url	https://security.gentoo.org/glsa/200803-18

fixed_packages

url pkg:deb/debian/cacti@0.8.7b-2.1%2Blenny5

purl pkg:deb/debian/cacti@0.8.7b-2.1%2Blenny5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-4ytj-s8hh-6bd5

vulnerability	VCID-5dm9-jpwc-gkeu

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6dxh-qpg7-q7g8

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-88mp-1anp-m3g5

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-ddq2-myvr-wfgz

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-dycc-rydh-kycy

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jg8r-f76d-rke1

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-jmv3-vh81-zfdq

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-m6nf-2ppj-4fhg

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-p2u2-5yuu-jydy

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-sdme-n5ez-67fw

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

100

vulnerability	VCID-wrxa-2us4-vkf9

101

vulnerability	VCID-ws4h-295a-9qgx

102

vulnerability	VCID-x1fg-6mq4-d7ds

103

vulnerability	VCID-xbb2-av4z-m3dp

104

vulnerability	VCID-xdbp-7rtr-fyb7

105

vulnerability	VCID-xpvn-y3b8-skgb

106

vulnerability	VCID-y683-kz6e-afhv

107

vulnerability	VCID-y6jw-jm1g-ubgx

108

vulnerability	VCID-ya95-dsw9-pfhw

109

vulnerability	VCID-ybx7-gpq4-33ha

110

vulnerability	VCID-yjny-ubdp-7few

111

vulnerability	VCID-ypan-57sx-vyam

112

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.7b-2.1%252Blenny5

aliases CVE-2008-0786

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t9my-r77a-w7ga

url VCID-tsfy-6cbv-r7hf

vulnerability_id VCID-tsfy-6cbv-r7hf

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4634

reference_id

reference_type

scores

value	0.00409
scoring_system	epss
scoring_elements	0.61147
published_at	2026-04-01T12:55:00Z

value	0.00409
scoring_system	epss
scoring_elements	0.61227
published_at	2026-04-02T12:55:00Z

value	0.00409
scoring_system	epss
scoring_elements	0.61256
published_at	2026-04-04T12:55:00Z

value	0.00409
scoring_system	epss
scoring_elements	0.61222
published_at	2026-04-07T12:55:00Z

value	0.00409
scoring_system	epss
scoring_elements	0.6127
published_at	2026-04-08T12:55:00Z

value	0.00409
scoring_system	epss
scoring_elements	0.61284
published_at	2026-04-09T12:55:00Z

value	0.00409
scoring_system	epss
scoring_elements	0.61305
published_at	2026-04-11T12:55:00Z

value	0.00409
scoring_system	epss
scoring_elements	0.6129
published_at	2026-04-12T12:55:00Z

value	0.00409
scoring_system	epss
scoring_elements	0.61272
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4634

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4634
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4634

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8%2Bdeb8u6

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8%2Bdeb8u6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8%252Bdeb8u6

url pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

purl pkg:deb/debian/cacti@0.8.8h%2Bds1-10%2Bdeb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8h%252Bds1-10%252Bdeb9u1

aliases CVE-2015-4634

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tsfy-6cbv-r7hf

url VCID-tu9w-kh79-9kc8

vulnerability_id VCID-tu9w-kh79-9kc8

summary

Multiple vulnerabilities have been found in Cacti, allowing
    attackers to execute arbitrary code or perform XSS attacks.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-1434

reference_id

reference_type

scores

value	0.01147
scoring_system	epss
scoring_elements	0.78414
published_at	2026-04-01T12:55:00Z

value	0.01147
scoring_system	epss
scoring_elements	0.7842
published_at	2026-04-02T12:55:00Z

value	0.01147
scoring_system	epss
scoring_elements	0.78451
published_at	2026-04-04T12:55:00Z

value	0.01147
scoring_system	epss
scoring_elements	0.78435
published_at	2026-04-07T12:55:00Z

value	0.01147
scoring_system	epss
scoring_elements	0.78462
published_at	2026-04-08T12:55:00Z

value	0.01147
scoring_system	epss
scoring_elements	0.78467
published_at	2026-04-09T12:55:00Z

value	0.01147
scoring_system	epss
scoring_elements	0.78492
published_at	2026-04-11T12:55:00Z

value	0.01147
scoring_system	epss
scoring_elements	0.78473
published_at	2026-04-12T12:55:00Z

value	0.01147
scoring_system	epss
scoring_elements	0.78466
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-1434

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1434
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1434

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1435
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1435

reference_url	https://security.gentoo.org/glsa/201401-20
reference_id	GLSA-201401-20
reference_type
scores
url	https://security.gentoo.org/glsa/201401-20

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8

aliases CVE-2013-1434

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tu9w-kh79-9kc8

100

url VCID-u478-39pb-tkay

vulnerability_id VCID-u478-39pb-tkay

summary lib/html.php in Cacti before 1.1.18 has XSS via the title field of an external link added by an authenticated user.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-12978

reference_id

reference_type

scores

value	0.00337
scoring_system	epss
scoring_elements	0.56468
published_at	2026-04-01T12:55:00Z

value	0.00337
scoring_system	epss
scoring_elements	0.56565
published_at	2026-04-02T12:55:00Z

value	0.00337
scoring_system	epss
scoring_elements	0.56586
published_at	2026-04-04T12:55:00Z

value	0.00337
scoring_system	epss
scoring_elements	0.56564
published_at	2026-04-07T12:55:00Z

value	0.00337
scoring_system	epss
scoring_elements	0.56616
published_at	2026-04-08T12:55:00Z

value	0.00337
scoring_system	epss
scoring_elements	0.5662
published_at	2026-04-09T12:55:00Z

value	0.00337
scoring_system	epss
scoring_elements	0.56629
published_at	2026-04-11T12:55:00Z

value	0.00337
scoring_system	epss
scoring_elements	0.56605
published_at	2026-04-12T12:55:00Z

value	0.00337
scoring_system	epss
scoring_elements	0.56583
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-12978

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12978
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12978

fixed_packages

url pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

purl pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.2%252Bds1-2%252Bdeb10u4

aliases CVE-2017-12978

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u478-39pb-tkay

101

url VCID-uj1s-uuyx-mya5

vulnerability_id VCID-uj1s-uuyx-mya5

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-7237

reference_id

reference_type

scores

value	0.46813
scoring_system	epss
scoring_elements	0.97647
published_at	2026-04-01T12:55:00Z

value	0.46813
scoring_system	epss
scoring_elements	0.97653
published_at	2026-04-02T12:55:00Z

value	0.46813
scoring_system	epss
scoring_elements	0.97655
published_at	2026-04-04T12:55:00Z

value	0.46813
scoring_system	epss
scoring_elements	0.97656
published_at	2026-04-07T12:55:00Z

value	0.46813
scoring_system	epss
scoring_elements	0.9766
published_at	2026-04-08T12:55:00Z

value	0.46813
scoring_system	epss
scoring_elements	0.97662
published_at	2026-04-09T12:55:00Z

value	0.46813
scoring_system	epss
scoring_elements	0.97664
published_at	2026-04-11T12:55:00Z

value	0.46813
scoring_system	epss
scoring_elements	0.97667
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-7237

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7237
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7237

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949997
reference_id	949997
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949997

reference_url	https://security.gentoo.org/glsa/202003-40
reference_id	GLSA-202003-40
reference_type
scores
url	https://security.gentoo.org/glsa/202003-40

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2020-7237

risk_score 0.2

exploitability 0.5

weighted_severity 0.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uj1s-uuyx-mya5

102

url VCID-vbs9-gben-9kgc

vulnerability_id VCID-vbs9-gben-9kgc

summary

DOMPurify vulnerable to tampering by prototype polution
dompurify was vulnerable to prototype pollution

Fixed by https://github.com/cure53/DOMPurify/commit/d1dd0374caef2b4c56c3bd09fe1988c3479166dc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-48910.json

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-48910.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-48910

reference_id

reference_type

scores

value	0.02592
scoring_system	epss
scoring_elements	0.8559
published_at	2026-04-13T12:55:00Z

value	0.02592
scoring_system	epss
scoring_elements	0.85594
published_at	2026-04-12T12:55:00Z

value	0.02592
scoring_system	epss
scoring_elements	0.85597
published_at	2026-04-11T12:55:00Z

value	0.02592
scoring_system	epss
scoring_elements	0.85583
published_at	2026-04-09T12:55:00Z

value	0.02592
scoring_system	epss
scoring_elements	0.85573
published_at	2026-04-08T12:55:00Z

value	0.02592
scoring_system	epss
scoring_elements	0.85547
published_at	2026-04-04T12:55:00Z

value	0.02592
scoring_system	epss
scoring_elements	0.85553
published_at	2026-04-07T12:55:00Z

value	0.02808
scoring_system	epss
scoring_elements	0.86074
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-48910

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-48910
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-48910

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/cure53/DOMPurify/commit/d1dd0374caef2b4c56c3bd09fe1988c3479166dc

reference_url

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-31T15:52:58Z/

url

https://github.com/cure53/DOMPurify/commit/d1dd0374caef2b4c56c3bd09fe1988c3479166dc

reference_url

https://github.com/cure53/DOMPurify/security/advisories/GHSA-p3vf-v8qc-cwcr

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-31T15:52:58Z/

url

https://github.com/cure53/DOMPurify/security/advisories/GHSA-p3vf-v8qc-cwcr

reference_url

https://lists.debian.org/debian-lts-announce/2025/02/msg00010.html

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/02/msg00010.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-48910

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-48910

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2322949
reference_id	2322949
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2322949

reference_url

https://github.com/advisories/GHSA-p3vf-v8qc-cwcr

reference_id

GHSA-p3vf-v8qc-cwcr

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-p3vf-v8qc-cwcr

reference_url	https://access.redhat.com/errata/RHSA-2024:10186
reference_id	RHSA-2024:10186
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10186

reference_url	https://access.redhat.com/errata/RHSA-2024:9583
reference_id	RHSA-2024:9583
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9583

reference_url	https://access.redhat.com/errata/RHSA-2025:0079
reference_id	RHSA-2025:0079
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0079

reference_url	https://access.redhat.com/errata/RHSA-2025:0082
reference_id	RHSA-2025:0082
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0082

reference_url	https://access.redhat.com/errata/RHSA-2025:0654
reference_id	RHSA-2025:0654
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0654

reference_url	https://access.redhat.com/errata/RHSA-2025:0875
reference_id	RHSA-2025:0875
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0875

reference_url	https://access.redhat.com/errata/RHSA-2025:18233
reference_id	RHSA-2025:18233
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18233

reference_url	https://access.redhat.com/errata/RHSA-2025:19003
reference_id	RHSA-2025:19003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19003

reference_url	https://access.redhat.com/errata/RHSA-2025:19017
reference_id	RHSA-2025:19017
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19017

reference_url	https://access.redhat.com/errata/RHSA-2025:19047
reference_id	RHSA-2025:19047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19047

reference_url	https://access.redhat.com/errata/RHSA-2025:19306
reference_id	RHSA-2025:19306
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19306

reference_url	https://access.redhat.com/errata/RHSA-2025:19314
reference_id	RHSA-2025:19314
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19314

reference_url	https://access.redhat.com/errata/RHSA-2025:19895
reference_id	RHSA-2025:19895
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19895

reference_url	https://access.redhat.com/errata/RHSA-2025:22284
reference_id	RHSA-2025:22284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22284

fixed_packages

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5

aliases CVE-2024-48910, GHSA-p3vf-v8qc-cwcr

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vbs9-gben-9kgc

103

url VCID-vsjt-qjyw-hbfs

vulnerability_id VCID-vsjt-qjyw-hbfs

summary Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-39359

reference_id

reference_type

scores

value	0.04724
scoring_system	epss
scoring_elements	0.89353
published_at	2026-04-02T12:55:00Z

value	0.04724
scoring_system	epss
scoring_elements	0.89365
published_at	2026-04-04T12:55:00Z

value	0.04724
scoring_system	epss
scoring_elements	0.89368
published_at	2026-04-07T12:55:00Z

value	0.04724
scoring_system	epss
scoring_elements	0.89385
published_at	2026-04-08T12:55:00Z

value	0.04724
scoring_system	epss
scoring_elements	0.89388
published_at	2026-04-09T12:55:00Z

value	0.04724
scoring_system	epss
scoring_elements	0.89397
published_at	2026-04-11T12:55:00Z

value	0.04724
scoring_system	epss
scoring_elements	0.89394
published_at	2026-04-12T12:55:00Z

value	0.04724
scoring_system	epss
scoring_elements	0.8939
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-39359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/

reference_id

CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:20:26Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/

reference_url

reference_id

dsa-5550

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:20:26Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-q4wh-3f9w-836h

reference_url

reference_id

GHSA-q4wh-3f9w-836h

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:20:26Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-q4wh-3f9w-836h

reference_url	https://security.gentoo.org/glsa/202412-02
reference_id	GLSA-202412-02
reference_type
scores
url	https://security.gentoo.org/glsa/202412-02

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/

reference_id

WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:20:26Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/

reference_id

WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:20:26Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2023-39359

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vsjt-qjyw-hbfs

104

url VCID-w1vc-ugdq-aygx

vulnerability_id VCID-w1vc-ugdq-aygx

summary Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Cacti 1.1.12 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancel_url variable.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-11163

reference_id

reference_type

scores

value	0.00223
scoring_system	epss
scoring_elements	0.44818
published_at	2026-04-01T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44899
published_at	2026-04-02T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44919
published_at	2026-04-04T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.4486
published_at	2026-04-07T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44912
published_at	2026-04-08T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44914
published_at	2026-04-09T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44935
published_at	2026-04-11T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44903
published_at	2026-04-12T12:55:00Z

value	0.00223
scoring_system	epss
scoring_elements	0.44905
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-11163

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11163
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11163

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868080
reference_id	868080
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868080

fixed_packages

url pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

purl pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.2%252Bds1-2%252Bdeb10u4

aliases CVE-2017-11163

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w1vc-ugdq-aygx

105

url VCID-w7pb-rt12-y3gs

vulnerability_id VCID-w7pb-rt12-y3gs

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-5262

reference_id

reference_type

scores

value	0.00762
scoring_system	epss
scoring_elements	0.73362
published_at	2026-04-13T12:55:00Z

value	0.00762
scoring_system	epss
scoring_elements	0.73311
published_at	2026-04-01T12:55:00Z

value	0.00762
scoring_system	epss
scoring_elements	0.7332
published_at	2026-04-02T12:55:00Z

value	0.00762
scoring_system	epss
scoring_elements	0.73344
published_at	2026-04-04T12:55:00Z

value	0.00762
scoring_system	epss
scoring_elements	0.73317
published_at	2026-04-07T12:55:00Z

value	0.00762
scoring_system	epss
scoring_elements	0.73353
published_at	2026-04-08T12:55:00Z

value	0.00762
scoring_system	epss
scoring_elements	0.73367
published_at	2026-04-09T12:55:00Z

value	0.00762
scoring_system	epss
scoring_elements	0.7339
published_at	2026-04-11T12:55:00Z

value	0.00762
scoring_system	epss
scoring_elements	0.7337
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-5262

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1127165
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1127165

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5025
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5025

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5026
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5026

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5261
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5261

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5262
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5262

reference_url	http://seclists.org/oss-sec/2014/q3/351
reference_id
reference_type
scores
url	http://seclists.org/oss-sec/2014/q3/351

reference_url	http://seclists.org/oss-sec/2014/q3/386
reference_id
reference_type
scores
url	http://seclists.org/oss-sec/2014/q3/386

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/95292
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/95292

reference_url	http://svn.cacti.net/viewvc?view=rev&revision=7454
reference_id
reference_type
scores
url	http://svn.cacti.net/viewvc?view=rev&revision=7454

reference_url	http://www.debian.org/security/2014/dsa-3007
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3007

reference_url	http://www.securityfocus.com/bid/69213
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/69213

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6e:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6e:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6e:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7d:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7e:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7e:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7e:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7f:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7f:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7f:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7g:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7g:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7g:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7i:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7i:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7i:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.8:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.8a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.8a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.8a:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-5262

reference_id

CVE-2014-5262

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-5262

reference_url	https://security.gentoo.org/glsa/201607-05
reference_id	GLSA-201607-05
reference_type
scores
url	https://security.gentoo.org/glsa/201607-05

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8

aliases CVE-2014-5262

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w7pb-rt12-y3gs

106

url VCID-wrxa-2us4-vkf9

vulnerability_id VCID-wrxa-2us4-vkf9

summary In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs).

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-13230

reference_id

reference_type

scores

value	0.00799
scoring_system	epss
scoring_elements	0.73977
published_at	2026-04-01T12:55:00Z

value	0.00799
scoring_system	epss
scoring_elements	0.73984
published_at	2026-04-02T12:55:00Z

value	0.00799
scoring_system	epss
scoring_elements	0.7401
published_at	2026-04-04T12:55:00Z

value	0.00799
scoring_system	epss
scoring_elements	0.73981
published_at	2026-04-07T12:55:00Z

value	0.00799
scoring_system	epss
scoring_elements	0.74015
published_at	2026-04-08T12:55:00Z

value	0.00799
scoring_system	epss
scoring_elements	0.74028
published_at	2026-04-09T12:55:00Z

value	0.00799
scoring_system	epss
scoring_elements	0.74051
published_at	2026-04-11T12:55:00Z

value	0.00799
scoring_system	epss
scoring_elements	0.74032
published_at	2026-04-12T12:55:00Z

value	0.00799
scoring_system	epss
scoring_elements	0.74025
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-13230

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13230
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13230

reference_url	https://usn.ubuntu.com/USN-5214-1/
reference_id	USN-USN-5214-1
reference_type
scores
url	https://usn.ubuntu.com/USN-5214-1/

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2020-13230

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wrxa-2us4-vkf9

107

url VCID-ws4h-295a-9qgx

vulnerability_id VCID-ws4h-295a-9qgx

summary Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-39516

reference_id

reference_type

scores

value	0.00284
scoring_system	epss
scoring_elements	0.51728
published_at	2026-04-02T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51754
published_at	2026-04-04T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51714
published_at	2026-04-07T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51768
published_at	2026-04-08T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51765
published_at	2026-04-09T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51815
published_at	2026-04-11T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51794
published_at	2026-04-12T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51778
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-39516

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516

reference_url	https://security.gentoo.org/glsa/202412-02
reference_id	GLSA-202412-02
reference_type
scores
url	https://security.gentoo.org/glsa/202412-02

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2023-39516

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ws4h-295a-9qgx

108

url VCID-x1fg-6mq4-d7ds

vulnerability_id VCID-x1fg-6mq4-d7ds

summary Cacti 1.1.27 allows remote authenticated administrators to read arbitrary files by placing the Log Path into a private directory, and then making a clog.php?filename= request, as demonstrated by filename=passwd (with a Log Path under /etc) to read /etc/passwd.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-16661

reference_id

reference_type

scores

value	0.00112
scoring_system	epss
scoring_elements	0.29806
published_at	2026-04-11T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29711
published_at	2026-04-13T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29761
published_at	2026-04-12T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39665
published_at	2026-04-01T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39812
published_at	2026-04-08T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39827
published_at	2026-04-09T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39757
published_at	2026-04-07T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39814
published_at	2026-04-02T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39837
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16661

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16661
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16661

reference_url	https://github.com/Cacti/cacti/issues/1066
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/issues/1066

reference_url	https://security.archlinux.org/ASA-201712-2
reference_id	ASA-201712-2
reference_type
scores
url	https://security.archlinux.org/ASA-201712-2

reference_url

reference_id

AVG-537

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-16661

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_id	cpe:2.3:a:cacti:cacti:1.1.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:1.1.27:::::::*

reference_url

reference_id

CVE-2017-16661

reference_type

scores

value	4.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:N/A:N

value	4.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-16661

fixed_packages

url pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

purl pkg:deb/debian/cacti@1.2.2%2Bds1-2%2Bdeb10u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ypan-57sx-vyam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.2%252Bds1-2%252Bdeb10u4

aliases CVE-2017-16661

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x1fg-6mq4-d7ds

109

url VCID-xbb2-av4z-m3dp

vulnerability_id VCID-xbb2-av4z-m3dp

summary Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-46169

reference_id

reference_type

scores

value	0.94469
scoring_system	epss
scoring_elements	0.99998
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-46169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46169

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1025648
reference_id	1025648
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1025648

reference_url

https://github.com/Cacti/cacti/commit/7f0e16312dd5ce20f93744ef8b9c3b0f1ece2216

reference_id

7f0e16312dd5ce20f93744ef8b9c3b0f1ece2216

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-13T17:39:57Z/

url

https://github.com/Cacti/cacti/commit/7f0e16312dd5ce20f93744ef8b9c3b0f1ece2216

reference_url

https://github.com/Cacti/cacti/commit/a8d59e8fa5f0054aa9c6981b1cbe30ef0e2a0ec9

reference_id

a8d59e8fa5f0054aa9c6981b1cbe30ef0e2a0ec9

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-13T17:39:57Z/

url

https://github.com/Cacti/cacti/commit/a8d59e8fa5f0054aa9c6981b1cbe30ef0e2a0ec9

reference_url

https://github.com/Cacti/cacti/commit/b43f13ae7f1e6bfe4e8e56a80a7cd867cf2db52b

reference_id

b43f13ae7f1e6bfe4e8e56a80a7cd867cf2db52b

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-13T17:39:57Z/

url

https://github.com/Cacti/cacti/commit/b43f13ae7f1e6bfe4e8e56a80a7cd867cf2db52b

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/51166.py
reference_id	CVE-2022-46169
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/51166.py

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf

reference_id

GHSA-6p93-p743-35gf

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-13T17:39:57Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf

reference_url	https://security.gentoo.org/glsa/202412-02
reference_id	GLSA-202412-02
reference_type
scores
url	https://security.gentoo.org/glsa/202412-02

reference_url	https://usn.ubuntu.com/7226-1/
reference_id	USN-7226-1
reference_type
scores
url	https://usn.ubuntu.com/7226-1/

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2022-46169

risk_score 10.0

exploitability 2.0

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xbb2-av4z-m3dp

110

url VCID-xdbp-7rtr-fyb7

vulnerability_id VCID-xdbp-7rtr-fyb7

summary Cacti is an open source performance and fault management framework. The`consolenewsection` parameter is not properly sanitized when saving external links in links.php . Morever, the said consolenewsection parameter is stored in the database and reflected back to user in `index.php`, finally leading to stored XSS. Users with the privilege to create external links can manipulate the “consolenewsection” parameter in the http post request while creating external links to perform stored XSS attacks. The vulnerability known as XSS (Cross-Site Scripting) occurs when an application allows untrusted user input to be displayed on a web page without proper validation or escaping. This issue has been addressed in release version 1.2.28. All users are advised to upgrade. There are no known workarounds for this vulnerability.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-43365

reference_id

reference_type

scores

value	0.05293
scoring_system	epss
scoring_elements	0.90016
published_at	2026-04-13T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.90024
published_at	2026-04-11T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.90022
published_at	2026-04-12T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.89975
published_at	2026-04-02T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.89988
published_at	2026-04-04T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.89993
published_at	2026-04-07T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.90009
published_at	2026-04-08T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.90014
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-43365

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43365
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43365

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-49f2-hwx9-qffr

reference_id

GHSA-49f2-hwx9-qffr

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-08T13:58:21Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-49f2-hwx9-qffr

fixed_packages

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5

aliases CVE-2024-43365

risk_score 2.5

exploitability 0.5

weighted_severity 5.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xdbp-7rtr-fyb7

111

url VCID-xpvn-y3b8-skgb

vulnerability_id VCID-xpvn-y3b8-skgb

summary Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-0730

reference_id

reference_type

scores

value	0.00304
scoring_system	epss
scoring_elements	0.53573
published_at	2026-04-01T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53595
published_at	2026-04-02T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53624
published_at	2026-04-04T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53593
published_at	2026-04-07T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53644
published_at	2026-04-08T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53642
published_at	2026-04-09T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53691
published_at	2026-04-11T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53674
published_at	2026-04-12T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53657
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46169

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008693
reference_id	1008693
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008693

reference_url	https://security.gentoo.org/glsa/202412-02
reference_id	GLSA-202412-02
reference_type
scores
url	https://security.gentoo.org/glsa/202412-02

fixed_packages

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3

aliases CVE-2022-0730

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xpvn-y3b8-skgb

112

url VCID-y683-kz6e-afhv

vulnerability_id VCID-y683-kz6e-afhv

summary Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules_form_save()` function in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the HTML statement in `form_confirm()` function from `lib/html.php` , finally resulting in cross-site scripting. Version 1.2.27 contains a patch for the issue.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-31444

reference_id

reference_type

scores

value	0.09401
scoring_system	epss
scoring_elements	0.92787
published_at	2026-04-13T12:55:00Z

value	0.09401
scoring_system	epss
scoring_elements	0.92769
published_at	2026-04-07T12:55:00Z

value	0.09401
scoring_system	epss
scoring_elements	0.92778
published_at	2026-04-08T12:55:00Z

value	0.09401
scoring_system	epss
scoring_elements	0.92783
published_at	2026-04-09T12:55:00Z

value	0.09401
scoring_system	epss
scoring_elements	0.92788
published_at	2026-04-11T12:55:00Z

value	0.09401
scoring_system	epss
scoring_elements	0.92767
published_at	2026-04-02T12:55:00Z

value	0.09401
scoring_system	epss
scoring_elements	0.92772
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-31444

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31444
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31444

reference_url

https://github.com/Cacti/cacti/security/advisories/GHSA-p4ch-7hjw-6m87

reference_id

GHSA-p4ch-7hjw-6m87

reference_type

scores

value	4.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:22:10Z/

url

https://github.com/Cacti/cacti/security/advisories/GHSA-p4ch-7hjw-6m87

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/

reference_id

RBEOAFKRARQHTDIYSL723XAFJ2Q6624X

reference_type

scores

value	4.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:22:10Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/

reference_url	https://usn.ubuntu.com/6969-1/
reference_id	USN-6969-1
reference_type
scores
url	https://usn.ubuntu.com/6969-1/

fixed_packages

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5

aliases CVE-2024-31444

risk_score 2.0

exploitability 0.5

weighted_severity 4.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y683-kz6e-afhv

113

url VCID-y6jw-jm1g-ubgx

vulnerability_id VCID-y6jw-jm1g-ubgx

summary

Multiple vulnerabilities have been found in Cacti, allowing
    attackers to execute arbitrary code or perform XSS attacks.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1644.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1644.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-1644

reference_id

reference_type

scores

value	0.02039
scoring_system	epss
scoring_elements	0.83825
published_at	2026-04-13T12:55:00Z

value	0.02039
scoring_system	epss
scoring_elements	0.83761
published_at	2026-04-01T12:55:00Z

value	0.02039
scoring_system	epss
scoring_elements	0.83775
published_at	2026-04-02T12:55:00Z

value	0.02039
scoring_system	epss
scoring_elements	0.83789
published_at	2026-04-04T12:55:00Z

value	0.02039
scoring_system	epss
scoring_elements	0.8379
published_at	2026-04-07T12:55:00Z

value	0.02039
scoring_system	epss
scoring_elements	0.83814
published_at	2026-04-08T12:55:00Z

value	0.02039
scoring_system	epss
scoring_elements	0.8382
published_at	2026-04-09T12:55:00Z

value	0.02039
scoring_system	epss
scoring_elements	0.83836
published_at	2026-04-11T12:55:00Z

value	0.02039
scoring_system	epss
scoring_elements	0.83829
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-1644

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1644
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1644

reference_url	http://secunia.com/advisories/41041
reference_id
reference_type
scores
url	http://secunia.com/advisories/41041

reference_url	https://rhn.redhat.com/errata/RHSA-2010-0635.html
reference_id
reference_type
scores
url	https://rhn.redhat.com/errata/RHSA-2010-0635.html

reference_url	http://svn.cacti.net/viewvc?view=rev&revision=5901
reference_id
reference_type
scores
url	http://svn.cacti.net/viewvc?view=rev&revision=5901

reference_url	http://www.cacti.net/release_notes_0_8_7f.php
reference_id
reference_type
scores
url	http://www.cacti.net/release_notes_0_8_7f.php

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:160
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:160

reference_url	http://www.securityfocus.com/archive/1/511393
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/511393

reference_url	http://www.securityfocus.com/bid/40332
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/40332

reference_url	http://www.vupen.com/english/advisories/2010/1203
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/1203

reference_url	http://www.vupen.com/english/advisories/2010/2132
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/2132

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=609093
reference_id	609093
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=609093

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::
reference_id	cpe:2.3:a:cacti:cacti::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.5:-::::::
reference_id	cpe:2.3:a:cacti:cacti:0.5:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.5:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.1:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.2:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.3:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.4:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.5:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.7:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.6.8a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.6.8a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.1:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.2a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.2a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.3a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.3a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.4:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.5a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.5a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6c:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6d:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6d:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6d:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6f:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6f:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6f:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6g:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6g:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6g:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6h:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6h:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6h:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6i:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6i:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6i:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6j:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6j:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6j:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6k:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.6k:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.6k:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7a:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7a:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.7d:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.7d:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-1644

reference_id

CVE-2010-1644

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2010-1644

reference_url	https://security.gentoo.org/glsa/201401-20
reference_id	GLSA-201401-20
reference_type
scores
url	https://security.gentoo.org/glsa/201401-20

fixed_packages

url pkg:deb/debian/cacti@0.8.7g-1%2Bsqueeze3

purl pkg:deb/debian/cacti@0.8.7g-1%2Bsqueeze3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-4ytj-s8hh-6bd5

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-ddq2-myvr-wfgz

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-jmv3-vh81-zfdq

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-p2u2-5yuu-jydy

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

100

vulnerability	VCID-ya95-dsw9-pfhw

101

vulnerability	VCID-ybx7-gpq4-33ha

102

vulnerability	VCID-yjny-ubdp-7few

103

vulnerability	VCID-ypan-57sx-vyam

104

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.7g-1%252Bsqueeze3

aliases CVE-2010-1644

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y6jw-jm1g-ubgx

114

url VCID-ya95-dsw9-pfhw

vulnerability_id VCID-ya95-dsw9-pfhw

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to arbitrary code execution.

references

reference_url	http://bugs.cacti.net/view.php?id=2456
reference_id
reference_type
scores
url	http://bugs.cacti.net/view.php?id=2456

reference_url	http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-5026

reference_id

reference_type

scores

value	0.00347
scoring_system	epss
scoring_elements	0.57292
published_at	2026-04-13T12:55:00Z

value	0.00347
scoring_system	epss
scoring_elements	0.57186
published_at	2026-04-01T12:55:00Z

value	0.00347
scoring_system	epss
scoring_elements	0.57267
published_at	2026-04-02T12:55:00Z

value	0.00347
scoring_system	epss
scoring_elements	0.5729
published_at	2026-04-04T12:55:00Z

value	0.00347
scoring_system	epss
scoring_elements	0.57266
published_at	2026-04-07T12:55:00Z

value	0.00347
scoring_system	epss
scoring_elements	0.57317
published_at	2026-04-08T12:55:00Z

value	0.00347
scoring_system	epss
scoring_elements	0.57319
published_at	2026-04-09T12:55:00Z

value	0.00347
scoring_system	epss
scoring_elements	0.57333
published_at	2026-04-11T12:55:00Z

value	0.00347
scoring_system	epss
scoring_elements	0.57313
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-5026

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5025
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5025

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5026
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5026

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5261
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5261

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5262
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5262

reference_url	http://seclists.org/oss-sec/2014/q3/244
reference_id
reference_type
scores
url	http://seclists.org/oss-sec/2014/q3/244

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/94816
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/94816

reference_url	http://www.debian.org/security/2014/dsa-3007
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3007

reference_url	http://www.openwall.com/lists/oss-security/2014/07/22/9
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/07/22/9

reference_url	http://www.securityfocus.com/bid/68759
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/68759

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.8b:::::::*
reference_id	cpe:2.3:a:cacti:cacti:0.8.8b:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cacti:cacti:0.8.8b:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-5026

reference_id

CVE-2014-5026

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2014-5026

reference_url	https://security.gentoo.org/glsa/201509-03
reference_id	GLSA-201509-03
reference_type
scores
url	https://security.gentoo.org/glsa/201509-03

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8

aliases CVE-2014-5026

risk_score 1.6

exploitability 0.5

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ya95-dsw9-pfhw

115

url VCID-ybx7-gpq4-33ha

vulnerability_id VCID-ybx7-gpq4-33ha

summary

Multiple vulnerabilities have been found in Cacti, the worst of
    which could lead to arbitrary code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-2709

reference_id

reference_type

scores

value	0.01868
scoring_system	epss
scoring_elements	0.83017
published_at	2026-04-01T12:55:00Z

value	0.01868
scoring_system	epss
scoring_elements	0.83033
published_at	2026-04-02T12:55:00Z

value	0.01868
scoring_system	epss
scoring_elements	0.83047
published_at	2026-04-04T12:55:00Z

value	0.01868
scoring_system	epss
scoring_elements	0.83045
published_at	2026-04-07T12:55:00Z

value	0.01868
scoring_system	epss
scoring_elements	0.83069
published_at	2026-04-08T12:55:00Z

value	0.01868
scoring_system	epss
scoring_elements	0.83077
published_at	2026-04-09T12:55:00Z

value	0.01868
scoring_system	epss
scoring_elements	0.83092
published_at	2026-04-11T12:55:00Z

value	0.01868
scoring_system	epss
scoring_elements	0.83086
published_at	2026-04-12T12:55:00Z

value	0.01868
scoring_system	epss
scoring_elements	0.83082
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-2709

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2327
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2327

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4002

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743565
reference_id	743565
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743565

reference_url	https://security.gentoo.org/glsa/201509-03
reference_id	GLSA-201509-03
reference_type
scores
url	https://security.gentoo.org/glsa/201509-03

fixed_packages

url pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

purl pkg:deb/debian/cacti@0.8.8a%2Bdfsg-5%2Bdeb7u8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-77tn-swar-87ec

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8j9j-nau8-a7cd

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-atbu-eegm-3ufy

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-b8nc-qman-zkcd

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-bwzz-1txv-3kam

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cv9v-rynk-m7eb

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dbsu-au7h-xbcv

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-djgb-xu1j-53fb

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fq36-1r9h-aff2

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-pwrm-brmn-j7cc

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-rrpb-xhca-dkcf

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-tu9w-kh79-9kc8

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-w7pb-rt12-y3gs

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-ya95-dsw9-pfhw

vulnerability	VCID-ybx7-gpq4-33ha

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

100

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8a%252Bdfsg-5%252Bdeb7u8

url pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

purl pkg:deb/debian/cacti@0.8.8b%2Bdfsg-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ff1-vhuj-hkdc

vulnerability	VCID-1v2t-kcm2-efad

vulnerability	VCID-29q9-twke-2bdx

vulnerability	VCID-2wj2-hvma-mqcz

vulnerability	VCID-2z9e-eg1f-bqg5

vulnerability	VCID-34z4-1zqk-afcm

vulnerability	VCID-3rsg-kswx-73bj

vulnerability	VCID-3tqy-g42y-9fef

vulnerability	VCID-3x9k-en7a-nkht

vulnerability	VCID-3y7d-ujep-4ydm

vulnerability	VCID-44fx-4w2y-y3dy

vulnerability	VCID-4twv-1yys-eban

vulnerability	VCID-5ykb-6nvx-k3e4

vulnerability	VCID-6n31-d4xy-d3fj

vulnerability	VCID-6t6n-ws5n-wkay

vulnerability	VCID-6ze5-dqdn-ykg3

vulnerability	VCID-7dp4-9zks-mbgd

vulnerability	VCID-7fvn-b8hn-dqeh

vulnerability	VCID-7m68-seeq-tuae

vulnerability	VCID-7mht-4urq-13ek

vulnerability	VCID-85gc-u991-z3dw

vulnerability	VCID-86gq-jsgy-8uep

vulnerability	VCID-89pf-69jk-syfk

vulnerability	VCID-8nbc-ethb-6kcn

vulnerability	VCID-8pnc-kuf5-jqda

vulnerability	VCID-9fdf-h49c-5qcj

vulnerability	VCID-9snd-k1cz-gyb5

vulnerability	VCID-9swv-zvke-ubet

vulnerability	VCID-9vce-mkth-v3gn

vulnerability	VCID-a8j1-24bw-gudu

vulnerability	VCID-aajr-s1n1-4ybu

vulnerability	VCID-afss-mcgj-7bce

vulnerability	VCID-akj7-kh8f-97ct

vulnerability	VCID-ante-y18a-yyg7

vulnerability	VCID-ay5a-nkmf-5yar

vulnerability	VCID-be57-gxmc-vqd4

vulnerability	VCID-bj2d-v5dw-ykc7

vulnerability	VCID-c2b8-ss11-9yhq

vulnerability	VCID-c4w5-q88d-z3hg

vulnerability	VCID-cre7-1uhc-bka2

vulnerability	VCID-cxs3-zh36-m7en

vulnerability	VCID-d7db-n89n-qyd8

vulnerability	VCID-dcnt-ev6f-tydd

vulnerability	VCID-e48s-dv1e-4fgn

vulnerability	VCID-fhtp-y9a5-vqgj

vulnerability	VCID-fwp2-z586-ebbq

vulnerability	VCID-gdfw-gryt-8qhg

vulnerability	VCID-h3qa-svy4-1fcr

vulnerability	VCID-hb4z-bmkm-akee

vulnerability	VCID-hj89-pnag-3fer

vulnerability	VCID-huf2-qwju-6bf2

vulnerability	VCID-hwep-pw4e-efh5

vulnerability	VCID-jkca-shmj-mbbu

vulnerability	VCID-k6z6-4pb4-tbeu

vulnerability	VCID-k7kv-za2s-dud5

vulnerability	VCID-khhn-9sja-sfgr

vulnerability	VCID-kkn3-ars7-gkbk

vulnerability	VCID-mebp-4rfu-vqcq

vulnerability	VCID-nbfc-ex1y-37he

vulnerability	VCID-pau5-hfbv-nucp

vulnerability	VCID-q88b-smmh-77ga

vulnerability	VCID-qbvv-frc2-rqbk

vulnerability	VCID-qncj-2u1d-7bgu

vulnerability	VCID-qnz1-w7bb-97ee

vulnerability	VCID-qvkt-vk55-4bbx

vulnerability	VCID-rftg-byj2-jkh9

vulnerability	VCID-s8du-gzj2-gkc1

vulnerability	VCID-sb43-hapb-1uf2

vulnerability	VCID-ses2-y1j2-vbbx

vulnerability	VCID-sx2t-uzae-2fh9

vulnerability	VCID-tsfy-6cbv-r7hf

vulnerability	VCID-u478-39pb-tkay

vulnerability	VCID-uj1s-uuyx-mya5

vulnerability	VCID-vbs9-gben-9kgc

vulnerability	VCID-vsjt-qjyw-hbfs

vulnerability	VCID-w1vc-ugdq-aygx

vulnerability	VCID-wrxa-2us4-vkf9

vulnerability	VCID-ws4h-295a-9qgx

vulnerability	VCID-x1fg-6mq4-d7ds

vulnerability	VCID-xbb2-av4z-m3dp

vulnerability	VCID-xdbp-7rtr-fyb7

vulnerability	VCID-xpvn-y3b8-skgb

vulnerability	VCID-y683-kz6e-afhv

vulnerability	VCID-yjny-ubdp-7few

vulnerability	VCID-ypan-57sx-vyam

vulnerability	VCID-zwne-uyfj-5bf8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.8b%252Bdfsg-8

aliases CVE-2014-2709

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ybx7-gpq4-33ha

116

url VCID-yjny-ubdp-7few

vulnerability_id VCID-yjny-ubdp-7few

summary Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-16785

reference_id

reference_type

scores

value	0.00182
scoring_system	epss
scoring_elements	0.40045
published_at	2026-04-11T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39988
published_at	2026-04-13T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.40008
published_at	2026-04-12T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41485
published_at	2026-04-01T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.4158
published_at	2026-04-08T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41589
published_at	2026-04-09T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.4153
published_at	2026-04-07T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41574
published_at	2026-04-02T12:55:00Z

value	0.00196
scoring_system	epss
scoring_elements	0.41603
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16785

reference_url	https://github.com/Cacti/cacti/issues/1071
reference_id
reference_type
scores
url	https://github.com/Cacti/cacti/issues/1071

reference_url	http://www.securitytracker.com/id/1039774
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039774

reference_url	https://security.archlinux.org/ASA-201712-2
reference_id	ASA-201712-2
reference_type
scores
url	https://security.archlinux.org/ASA-201712-2

reference_url

reference_id

AVG-537

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url