Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Tag: cacti Clear
ID Title
CVE-2026-40941 Vulnerability in cacti (CVE-2026-40941)
vulnerability in cacti (CVE-2026-40941). Data can be tampered with by attackers.
CVE-2026-40084 Path Traversal in path-traversal (CVE-2026-40084)
path traversal in path-traversal (CVE-2026-40084). Confidential information can be exposed externally.
CVE-2026-40083 SQL Injection in sqli (CVE-2026-40083)
SQL injection in sqli (CVE-2026-40083). Successful exploitation can lead to full system takeover.
CVE-2026-40080 Open Redirect in cacti (CVE-2026-40080)
vulnerability in cacti (CVE-2026-40080). Risk of unauthorized operations or information disclosure.
CVE-2026-40079 OS Command Injection in cacti (CVE-2026-40079)
OS command injection in cacti (CVE-2026-40079). Successful exploitation can lead to full system takeover.
CVE-2026-39951 SQL Injection in sqli (CVE-2026-39951)
SQL injection in sqli (CVE-2026-39951). Confidential information can be exposed externally.
CVE-2026-39955 SQL Injection in sqli (CVE-2026-39955)
SQL injection in sqli (CVE-2026-39955). Successful exploitation can lead to full system takeover.
CVE-2026-39948 SQL Injection in cacti (CVE-2026-39948)
SQL injection in cacti (CVE-2026-39948). Successful exploitation can lead to full system takeover.
CVE-2026-39938 Path Traversal in cacti (CVE-2026-39938)
path traversal in cacti (CVE-2026-39938). Successful exploitation can lead to full system takeover.
CVE-2026-39900 Cross-Site Scripting (XSS) in cacti (CVE-2026-39900)
cross-site scripting in cacti (CVE-2026-39900). Risk of unauthorized operations or information disclosure.
CVE-2026-39899 Path Traversal in path-traversal (CVE-2026-39899)
path traversal in path-traversal (CVE-2026-39899). Risk of unauthorized operations or information disclosure.
CVE-2026-39897 Cross-Site Scripting (XSS) in cacti (CVE-2026-39897)
cross-site scripting in cacti (CVE-2026-39897). Risk of unauthorized operations or information disclosure.
CVE-2026-39893 SQL Injection in sqli (CVE-2026-39893)
SQL injection in sqli (CVE-2026-39893). Successful exploitation can lead to full system takeover.
CVE-2022-46169 KEV [KEV] Vulnerability in cacti (CVE-2022-46169)
vulnerability in cacti (CVE-2022-46169). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2016-10700 Vulnerability in cacti (CVE-2016-10700)
vulnerability in cacti (CVE-2016-10700). Successful exploitation can lead to full system takeover.
CVE-2014-4000 Code Injection in cacti (CVE-2014-4000)
code injection in cacti (CVE-2014-4000). Successful exploitation can lead to full system takeover.
CVE-2017-16785 Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php.
Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php.
CVE-2017-16661 Information Disclosure in cacti (CVE-2017-16661)
vulnerability in cacti (CVE-2017-16661). Confidential information can be exposed externally.
CVE-2017-16660 Vulnerability in c (CVE-2017-16660)
vulnerability in c (CVE-2017-16660). Successful exploitation can lead to full system takeover.
CVE-2017-16641 OS Command Injection in cacti (CVE-2017-16641)
OS command injection in cacti (CVE-2017-16641). Successful exploitation can lead to full system takeover.
CVE-2017-15194 include/global_session.php in Cacti 1.1.25 has XSS related to (1) the URI or (2) the refresh page.
include/global_session.php in Cacti 1.1.25 has XSS related to (1) the URI or (2) the refresh page.
CVE-2017-12978 Cross-Site Scripting (XSS) in cacti (CVE-2017-12978)
cross-site scripting in cacti (CVE-2017-12978). Risk of unauthorized operations or information disclosure.
CVE-2017-12927 Cross-Site Scripting (XSS) in cacti (CVE-2017-12927)
cross-site scripting in cacti (CVE-2017-12927). Risk of unauthorized operations or information disclosure.
CVE-2017-12066 Cross-Site Scripting (XSS) in cacti (CVE-2017-12066)
cross-site scripting in cacti (CVE-2017-12066). Risk of unauthorized operations or information disclosure. Exploitable via `Referer header`.
CVE-2017-11691 Cross-Site Scripting (XSS) in cacti (CVE-2017-11691)
cross-site scripting in cacti (CVE-2017-11691). Risk of unauthorized operations or information disclosure. Exploitable via `Referer header`.
CVE-2017-1000032 Cross-Site Scripting (XSS) in cacti (CVE-2017-1000032)
cross-site scripting in cacti (CVE-2017-1000032). Risk of unauthorized operations or information disclosure.
CVE-2017-1000031 SQL Injection in sqli (CVE-2017-1000031)
SQL injection in sqli (CVE-2017-1000031). Successful exploitation can lead to full system takeover.
CVE-2017-11163 Cross-Site Scripting (XSS) in cacti (CVE-2017-11163)
cross-site scripting in cacti (CVE-2017-11163). Risk of unauthorized operations or information disclosure. Exploitable via `Referer header`.
CVE-2017-10970 Cross-Site Scripting (XSS) in cacti (CVE-2017-10970)
cross-site scripting in cacti (CVE-2017-10970). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →