FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-23 17:01:17 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
59c284f4-8d2e-11ed-9ce0-b42e991fc52e	net-mgmt/cacti is vulnerable to remote command injection cacti team reports: A command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device. Discovery 2022-12-05 Entry 2023-01-05 Modified 2023-01-09 cacti < 1.2.23 CVE-2022-46169 https://nvd.nist.gov/vuln/detail/CVE-2022-46169
e4cd0b38-c9f9-11eb-87e1-08002750c711	cacti -- SQL Injection was possible due to incorrect validation order Cati team reports: Due to a lack of validation, data_debug.php can be the source of a SQL injection. Discovery 2020-12-24 Entry 2021-06-10 Modified 2021-06-24 cacti >= 1.2 lt 1.2.17 CVE-2020-35701 https://github.com/Cacti/cacti/issues/4022

VuXML ID

Description

59c284f4-8d2e-11ed-9ce0-b42e991fc52e

net-mgmt/cacti is vulnerable to remote command injection

cacti team reports:

A command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device.

Discovery 2022-12-05
Entry 2023-01-05
Modified 2023-01-09
cacti

< 1.2.23

CVE-2022-46169
https://nvd.nist.gov/vuln/detail/CVE-2022-46169

e4cd0b38-c9f9-11eb-87e1-08002750c711

cacti -- SQL Injection was possible due to incorrect validation order

Cati team reports:

Due to a lack of validation, data_debug.php can be the source of a SQL injection.

Discovery 2020-12-24
Entry 2021-06-10
Modified 2021-06-24
cacti

>= 1.2 lt 1.2.17

CVE-2020-35701
https://github.com/Cacti/cacti/issues/4022