Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/cacti@0.8.6d-1?distro=trixie

Type deb

Namespace debian

Name cacti

Version 0.8.6d-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 0.8.6e-1

Latest_non_vulnerable_version 1.2.30+ds1-2

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-5ccj-b3a9-67g2

vulnerability_id VCID-5ccj-b3a9-67g2

summary

Multiple vulnerabilities have been discovered in the ADOdb layer included
    in Cacti, potentially resulting in the execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-0806

reference_id

reference_type

scores

value	0.12629
scoring_system	epss
scoring_elements	0.93932
published_at	2026-04-01T12:55:00Z

value	0.12629
scoring_system	epss
scoring_elements	0.9394
published_at	2026-04-02T12:55:00Z

value	0.12629
scoring_system	epss
scoring_elements	0.9395
published_at	2026-04-04T12:55:00Z

value	0.12629
scoring_system	epss
scoring_elements	0.93953
published_at	2026-04-07T12:55:00Z

value	0.12629
scoring_system	epss
scoring_elements	0.93961
published_at	2026-04-08T12:55:00Z

value	0.12629
scoring_system	epss
scoring_elements	0.93965
published_at	2026-04-09T12:55:00Z

value	0.12629
scoring_system	epss
scoring_elements	0.93968
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-0806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0806

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=358872
reference_id	358872
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=358872

reference_url	https://security.gentoo.org/glsa/200604-07
reference_id	GLSA-200604-07
reference_type
scores
url	https://security.gentoo.org/glsa/200604-07

reference_url	http://gulftech.org/advisories/ADOdb%20Cross%20Site%20Scripting/93
reference_id	GTSA-00093;CVE-2006-0806
reference_type	exploit
scores
url	http://gulftech.org/advisories/ADOdb%20Cross%20Site%20Scripting/93

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/43832.txt
reference_id	GTSA-00093;CVE-2006-0806
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/43832.txt

fixed_packages

url	pkg:deb/debian/cacti@0.8.6d-1?distro=trixie
purl	pkg:deb/debian/cacti@0.8.6d-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.6d-1%3Fdistro=trixie

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/cacti@1.2.30%2Bds1-1?distro=trixie
purl	pkg:deb/debian/cacti@1.2.30%2Bds1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-1%3Fdistro=trixie

url	pkg:deb/debian/cacti@1.2.30%2Bds1-2?distro=trixie
purl	pkg:deb/debian/cacti@1.2.30%2Bds1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-2%3Fdistro=trixie

aliases CVE-2006-0806

risk_score 0.2

exploitability 2.0

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ccj-b3a9-67g2

url VCID-9x72-e9wx-mqf4

vulnerability_id VCID-9x72-e9wx-mqf4

summary

Multiple vulnerabilities have been discovered in the ADOdb layer included
    in Cacti, potentially resulting in the execution of arbitrary code.

references

reference_url	http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html
reference_id
reference_type
scores
url	http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-0146

reference_id

reference_type

scores

value	0.09474
scoring_system	epss
scoring_elements	0.92822
published_at	2026-04-13T12:55:00Z

value	0.09474
scoring_system	epss
scoring_elements	0.92795
published_at	2026-04-01T12:55:00Z

value	0.09474
scoring_system	epss
scoring_elements	0.92802
published_at	2026-04-02T12:55:00Z

value	0.09474
scoring_system	epss
scoring_elements	0.92807
published_at	2026-04-04T12:55:00Z

value	0.09474
scoring_system	epss
scoring_elements	0.92805
published_at	2026-04-07T12:55:00Z

value	0.09474
scoring_system	epss
scoring_elements	0.92814
published_at	2026-04-08T12:55:00Z

value	0.09474
scoring_system	epss
scoring_elements	0.92818
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-0146

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0146
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0146

reference_url	http://secunia.com/advisories/17418
reference_id
reference_type
scores
url	http://secunia.com/advisories/17418

reference_url	http://secunia.com/advisories/18233
reference_id
reference_type
scores
url	http://secunia.com/advisories/18233

reference_url	http://secunia.com/advisories/18254
reference_id
reference_type
scores
url	http://secunia.com/advisories/18254

reference_url	http://secunia.com/advisories/18260
reference_id
reference_type
scores
url	http://secunia.com/advisories/18260

reference_url	http://secunia.com/advisories/18267
reference_id
reference_type
scores
url	http://secunia.com/advisories/18267

reference_url	http://secunia.com/advisories/18276
reference_id
reference_type
scores
url	http://secunia.com/advisories/18276

reference_url	http://secunia.com/advisories/18720
reference_id
reference_type
scores
url	http://secunia.com/advisories/18720

reference_url	http://secunia.com/advisories/19555
reference_id
reference_type
scores
url	http://secunia.com/advisories/19555

reference_url	http://secunia.com/advisories/19563
reference_id
reference_type
scores
url	http://secunia.com/advisories/19563

reference_url	http://secunia.com/advisories/19590
reference_id
reference_type
scores
url	http://secunia.com/advisories/19590

reference_url	http://secunia.com/advisories/19591
reference_id
reference_type
scores
url	http://secunia.com/advisories/19591

reference_url	http://secunia.com/advisories/19600
reference_id
reference_type
scores
url	http://secunia.com/advisories/19600

reference_url	http://secunia.com/advisories/19691
reference_id
reference_type
scores
url	http://secunia.com/advisories/19691

reference_url	http://secunia.com/advisories/19699
reference_id
reference_type
scores
url	http://secunia.com/advisories/19699

reference_url	http://secunia.com/advisories/24954
reference_id
reference_type
scores
url	http://secunia.com/advisories/24954

reference_url	http://secunia.com/secunia_research/2005-64/advisory/
reference_id
reference_type
scores
url	http://secunia.com/secunia_research/2005-64/advisory/

reference_url	http://securityreason.com/securityalert/713
reference_id
reference_type
scores
url	http://securityreason.com/securityalert/713

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/24051
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/24051

reference_url	http://www.debian.org/security/2006/dsa-1029
reference_id
reference_type
scores
url	http://www.debian.org/security/2006/dsa-1029

reference_url	http://www.debian.org/security/2006/dsa-1030
reference_id
reference_type
scores
url	http://www.debian.org/security/2006/dsa-1030

reference_url	http://www.debian.org/security/2006/dsa-1031
reference_id
reference_type
scores
url	http://www.debian.org/security/2006/dsa-1031

reference_url	http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml
reference_id
reference_type
scores
url	http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml

reference_url	http://www.maxdev.com/Article550.phtml
reference_id
reference_type
scores
url	http://www.maxdev.com/Article550.phtml

reference_url	http://www.osvdb.org/22290
reference_id
reference_type
scores
url	http://www.osvdb.org/22290

reference_url	http://www.securityfocus.com/archive/1/423784/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/423784/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/430448/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/430448/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/466171/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/466171/100/0/threaded

reference_url	http://www.securityfocus.com/bid/16187
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/16187

reference_url	http://www.vupen.com/english/advisories/2006/0101
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0101

reference_url	http://www.vupen.com/english/advisories/2006/0102
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0102

reference_url	http://www.vupen.com/english/advisories/2006/0103
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0103

reference_url	http://www.vupen.com/english/advisories/2006/0104
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0104

reference_url	http://www.vupen.com/english/advisories/2006/0105
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0105

reference_url	http://www.vupen.com/english/advisories/2006/0370
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0370

reference_url	http://www.vupen.com/english/advisories/2006/0447
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0447

reference_url	http://www.vupen.com/english/advisories/2006/1304
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/1304

reference_url	http://www.vupen.com/english/advisories/2006/1305
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/1305

reference_url	http://www.vupen.com/english/advisories/2006/1419
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/1419

reference_url	http://www.xaraya.com/index.php/news/569
reference_id
reference_type
scores
url	http://www.xaraya.com/index.php/news/569

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349985
reference_id	349985
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349985

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:john_lim:adodb:4.66:::::::*
reference_id	cpe:2.3:a:john_lim:adodb:4.66:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:john_lim:adodb:4.66:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:john_lim:adodb:4.68:::::::*
reference_id	cpe:2.3:a:john_lim:adodb:4.68:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:john_lim:adodb:4.68:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mantis:mantis:0.19.4:::::::*
reference_id	cpe:2.3:a:mantis:mantis:0.19.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mantis:mantis:0.19.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mantis:mantis:1.0.0_rc4:::::::*
reference_id	cpe:2.3:a:mantis:mantis:1.0.0_rc4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mantis:mantis:1.0.0_rc4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediabeez:mediabeez::::::::
reference_id	cpe:2.3:a:mediabeez:mediabeez::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediabeez:mediabeez::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.5.3:::::::*
reference_id	cpe:2.3:a:moodle:moodle:1.5.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.5.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:::::::*
reference_id	cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:the_cacti_group:cacti:0.8.6g:::::::*
reference_id	cpe:2.3:a:the_cacti_group:cacti:0.8.6g:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:the_cacti_group:cacti:0.8.6g:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2006-0146

reference_id

CVE-2006-0146

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2006-0146

reference_url	https://security.gentoo.org/glsa/200604-07
reference_id	GLSA-200604-07
reference_type
scores
url	https://security.gentoo.org/glsa/200604-07

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/1663.php
reference_id	OSVDB-24878;CVE-2006-2029;OSVDB-24562;CVE-2006-1779;OSVDB-24561;CVE-2006-1778;OSVDB-24560;CVE-2006-1777;CVE-2006-1776;OSVDB-24559;CVE-2006-0147;OSVDB-22291;OSVDB-22290;CVE-2006-0146
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/1663.php

fixed_packages

url	pkg:deb/debian/cacti@0.8.6d-1?distro=trixie
purl	pkg:deb/debian/cacti@0.8.6d-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.6d-1%3Fdistro=trixie

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/cacti@1.2.30%2Bds1-1?distro=trixie
purl	pkg:deb/debian/cacti@1.2.30%2Bds1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-1%3Fdistro=trixie

url	pkg:deb/debian/cacti@1.2.30%2Bds1-2?distro=trixie
purl	pkg:deb/debian/cacti@1.2.30%2Bds1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-2%3Fdistro=trixie

aliases CVE-2006-0146

risk_score 10.0

exploitability 2.0

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9x72-e9wx-mqf4

url VCID-he8q-5n8u-27dv

vulnerability_id VCID-he8q-5n8u-27dv

summary Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.php script. An authenticated user can inject arbitrary shell commands via the graph_start GET parameter, which is improperly handled during graph rendering. This flaw allows attackers to execute commands on the underlying operating system with the privileges of the web server process, potentially compromising system integrity.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-10004

reference_id

reference_type

scores

value	0.54001
scoring_system	epss
scoring_elements	0.97992
published_at	2026-04-01T12:55:00Z

value	0.54001
scoring_system	epss
scoring_elements	0.97997
published_at	2026-04-02T12:55:00Z

value	0.54001
scoring_system	epss
scoring_elements	0.97999
published_at	2026-04-04T12:55:00Z

value	0.54001
scoring_system	epss
scoring_elements	0.98001
published_at	2026-04-07T12:55:00Z

value	0.54001
scoring_system	epss
scoring_elements	0.98006
published_at	2026-04-08T12:55:00Z

value	0.54001
scoring_system	epss
scoring_elements	0.98007
published_at	2026-04-09T12:55:00Z

value	0.54001
scoring_system	epss
scoring_elements	0.98011
published_at	2026-04-11T12:55:00Z

value	0.54001
scoring_system	epss
scoring_elements	0.98012
published_at	2026-04-12T12:55:00Z

value	0.54001
scoring_system	epss
scoring_elements	0.98013
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-10004

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-10004
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-10004

reference_url

https://www.exploit-db.com/exploits/16881

reference_id

16881

reference_type

scores

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-02T20:43:58Z/

url

https://www.exploit-db.com/exploits/16881

reference_url

https://www.exploit-db.com/exploits/9911

reference_id

9911

reference_type

scores

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-02T20:43:58Z/

url

https://www.exploit-db.com/exploits/9911

reference_url

https://web.archive.org/web/20050305034552/http://www.cacti.net/cactid_download.php

reference_id

cactid_download.php

reference_type

scores

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-02T20:43:58Z/

url

https://web.archive.org/web/20050305034552/http://www.cacti.net/cactid_download.php

reference_url

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/cacti_graphimage_exec.rb

reference_id

cacti_graphimage_exec.rb

reference_type

scores

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-02T20:43:58Z/

url

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/cacti_graphimage_exec.rb

reference_url

https://www.vulncheck.com/advisories/cacti-graph-view-rce

reference_id

cacti-graph-view-rce

reference_type

scores

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-02T20:43:58Z/

url

https://www.vulncheck.com/advisories/cacti-graph-view-rce

reference_url

https://www.cacti.net/info/downloads

reference_id

downloads

reference_type

scores

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-02T20:43:58Z/

url

https://www.cacti.net/info/downloads

fixed_packages

url	pkg:deb/debian/cacti@0.8.6d-1?distro=trixie
purl	pkg:deb/debian/cacti@0.8.6d-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.6d-1%3Fdistro=trixie

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/cacti@1.2.30%2Bds1-1?distro=trixie
purl	pkg:deb/debian/cacti@1.2.30%2Bds1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-1%3Fdistro=trixie

url	pkg:deb/debian/cacti@1.2.30%2Bds1-2?distro=trixie
purl	pkg:deb/debian/cacti@1.2.30%2Bds1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-2%3Fdistro=trixie

aliases CVE-2005-10004

risk_score 10.0

exploitability 2.0

weighted_severity 7.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-he8q-5n8u-27dv

url VCID-kjcg-xe2b-akap

vulnerability_id VCID-kjcg-xe2b-akap

summary

Multiple vulnerabilities have been discovered in the ADOdb layer included
    in Cacti, potentially resulting in the execution of arbitrary code.

references

reference_url	http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html
reference_id
reference_type
scores
url	http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html

reference_url	http://retrogod.altervista.org/simplog_092_incl_xpl.html
reference_id
reference_type
scores
url	http://retrogod.altervista.org/simplog_092_incl_xpl.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-0147

reference_id

reference_type

scores

value	0.29662
scoring_system	epss
scoring_elements	0.96621
published_at	2026-04-13T12:55:00Z

value	0.29662
scoring_system	epss
scoring_elements	0.96589
published_at	2026-04-01T12:55:00Z

value	0.29662
scoring_system	epss
scoring_elements	0.96599
published_at	2026-04-02T12:55:00Z

value	0.29662
scoring_system	epss
scoring_elements	0.96603
published_at	2026-04-04T12:55:00Z

value	0.29662
scoring_system	epss
scoring_elements	0.96606
published_at	2026-04-07T12:55:00Z

value	0.29662
scoring_system	epss
scoring_elements	0.96614
published_at	2026-04-08T12:55:00Z

value	0.29662
scoring_system	epss
scoring_elements	0.96616
published_at	2026-04-09T12:55:00Z

value	0.29662
scoring_system	epss
scoring_elements	0.96618
published_at	2026-04-11T12:55:00Z

value	0.29662
scoring_system	epss
scoring_elements	0.96619
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-0147

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0147
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0147

reference_url	http://secunia.com/advisories/17418
reference_id
reference_type
scores
url	http://secunia.com/advisories/17418

reference_url	http://secunia.com/advisories/18233
reference_id
reference_type
scores
url	http://secunia.com/advisories/18233

reference_url	http://secunia.com/advisories/18254
reference_id
reference_type
scores
url	http://secunia.com/advisories/18254

reference_url	http://secunia.com/advisories/18260
reference_id
reference_type
scores
url	http://secunia.com/advisories/18260

reference_url	http://secunia.com/advisories/18267
reference_id
reference_type
scores
url	http://secunia.com/advisories/18267

reference_url	http://secunia.com/advisories/18276
reference_id
reference_type
scores
url	http://secunia.com/advisories/18276

reference_url	http://secunia.com/advisories/19555
reference_id
reference_type
scores
url	http://secunia.com/advisories/19555

reference_url	http://secunia.com/advisories/19590
reference_id
reference_type
scores
url	http://secunia.com/advisories/19590

reference_url	http://secunia.com/advisories/19591
reference_id
reference_type
scores
url	http://secunia.com/advisories/19591

reference_url	http://secunia.com/advisories/19600
reference_id
reference_type
scores
url	http://secunia.com/advisories/19600

reference_url	http://secunia.com/advisories/19628
reference_id
reference_type
scores
url	http://secunia.com/advisories/19628

reference_url	http://secunia.com/advisories/19691
reference_id
reference_type
scores
url	http://secunia.com/advisories/19691

reference_url	http://secunia.com/secunia_research/2005-64/advisory/
reference_id
reference_type
scores
url	http://secunia.com/secunia_research/2005-64/advisory/

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/24052
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/24052

reference_url	https://www.exploit-db.com/exploits/1663
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/1663

reference_url	http://www.debian.org/security/2006/dsa-1029
reference_id
reference_type
scores
url	http://www.debian.org/security/2006/dsa-1029

reference_url	http://www.debian.org/security/2006/dsa-1030
reference_id
reference_type
scores
url	http://www.debian.org/security/2006/dsa-1030

reference_url	http://www.debian.org/security/2006/dsa-1031
reference_id
reference_type
scores
url	http://www.debian.org/security/2006/dsa-1031

reference_url	http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml
reference_id
reference_type
scores
url	http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml

reference_url	http://www.osvdb.org/22291
reference_id
reference_type
scores
url	http://www.osvdb.org/22291

reference_url	http://www.securityfocus.com/archive/1/430448/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/430448/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/430743/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/430743/100/0/threaded

reference_url	http://www.vupen.com/english/advisories/2006/0101
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0101

reference_url	http://www.vupen.com/english/advisories/2006/0102
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0102

reference_url	http://www.vupen.com/english/advisories/2006/0103
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0103

reference_url	http://www.vupen.com/english/advisories/2006/0104
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0104

reference_url	http://www.vupen.com/english/advisories/2006/1305
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/1305

reference_url	http://www.vupen.com/english/advisories/2006/1332
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/1332

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349985
reference_id	349985
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349985

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:john_lim:adodb:4.66:::::::*
reference_id	cpe:2.3:a:john_lim:adodb:4.66:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:john_lim:adodb:4.66:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:john_lim:adodb:4.68:::::::*
reference_id	cpe:2.3:a:john_lim:adodb:4.68:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:john_lim:adodb:4.68:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mantis:mantis:0.19.4:::::::*
reference_id	cpe:2.3:a:mantis:mantis:0.19.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mantis:mantis:0.19.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mantis:mantis:1.0.0_rc4:::::::*
reference_id	cpe:2.3:a:mantis:mantis:1.0.0_rc4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mantis:mantis:1.0.0_rc4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.5.3:::::::*
reference_id	cpe:2.3:a:moodle:moodle:1.5.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:moodle:moodle:1.5.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:::::::*
reference_id	cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postnuke_software_foundation:postnuke:0.761:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:the_cacti_group:cacti:0.8.6g:::::::*
reference_id	cpe:2.3:a:the_cacti_group:cacti:0.8.6g:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:the_cacti_group:cacti:0.8.6g:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2006-0147

reference_id

CVE-2006-0147

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2006-0147

reference_url	https://security.gentoo.org/glsa/200604-07
reference_id	GLSA-200604-07
reference_type
scores
url	https://security.gentoo.org/glsa/200604-07

fixed_packages

url	pkg:deb/debian/cacti@0.8.6d-1?distro=trixie
purl	pkg:deb/debian/cacti@0.8.6d-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.6d-1%3Fdistro=trixie

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/cacti@1.2.30%2Bds1-1?distro=trixie
purl	pkg:deb/debian/cacti@1.2.30%2Bds1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-1%3Fdistro=trixie

url	pkg:deb/debian/cacti@1.2.30%2Bds1-2?distro=trixie
purl	pkg:deb/debian/cacti@1.2.30%2Bds1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-2%3Fdistro=trixie

aliases CVE-2006-0147

risk_score 10.0

exploitability 2.0

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kjcg-xe2b-akap

url VCID-yqvt-gasb-t3bq

vulnerability_id VCID-yqvt-gasb-t3bq

summary

Multiple vulnerabilities have been discovered in the ADOdb layer included
    in Cacti, potentially resulting in the execution of arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-0410

reference_id

reference_type

scores

value	0.01319
scoring_system	epss
scoring_elements	0.7982
published_at	2026-04-01T12:55:00Z

value	0.01319
scoring_system	epss
scoring_elements	0.79827
published_at	2026-04-02T12:55:00Z

value	0.01319
scoring_system	epss
scoring_elements	0.79848
published_at	2026-04-04T12:55:00Z

value	0.01319
scoring_system	epss
scoring_elements	0.79836
published_at	2026-04-07T12:55:00Z

value	0.01319
scoring_system	epss
scoring_elements	0.79865
published_at	2026-04-08T12:55:00Z

value	0.01319
scoring_system	epss
scoring_elements	0.79873
published_at	2026-04-09T12:55:00Z

value	0.01319
scoring_system	epss
scoring_elements	0.79893
published_at	2026-04-11T12:55:00Z

value	0.01319
scoring_system	epss
scoring_elements	0.79876
published_at	2026-04-12T12:55:00Z

value	0.01319
scoring_system	epss
scoring_elements	0.79869
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-0410

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0410
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0410

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349985
reference_id	349985
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349985

reference_url	https://security.gentoo.org/glsa/200602-02
reference_id	GLSA-200602-02
reference_type
scores
url	https://security.gentoo.org/glsa/200602-02

reference_url	https://security.gentoo.org/glsa/200604-07
reference_id	GLSA-200604-07
reference_type
scores
url	https://security.gentoo.org/glsa/200604-07

fixed_packages

url	pkg:deb/debian/cacti@0.8.6d-1?distro=trixie
purl	pkg:deb/debian/cacti@0.8.6d-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.6d-1%3Fdistro=trixie

url pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/cacti@1.2.16%2Bds1-2%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-cqr3-wwhj-tyck

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

vulnerability	VCID-zxu5-equ9-1kam

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.16%252Bds1-2%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5?distro=trixie

purl pkg:deb/debian/cacti@1.2.24%2Bds1-1%2Bdeb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e5y-1s19-r7g7

vulnerability	VCID-pxqa-nkv3-jqfs

vulnerability	VCID-xkkm-ss3p-1udc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.24%252Bds1-1%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/cacti@1.2.30%2Bds1-1?distro=trixie
purl	pkg:deb/debian/cacti@1.2.30%2Bds1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-1%3Fdistro=trixie

url	pkg:deb/debian/cacti@1.2.30%2Bds1-2?distro=trixie
purl	pkg:deb/debian/cacti@1.2.30%2Bds1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@1.2.30%252Bds1-2%3Fdistro=trixie

aliases CVE-2006-0410

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yqvt-gasb-t3bq

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cacti@0.8.6d-1%3Fdistro=trixie

Package Instance