CVE-2023-51448 | Cacti up to 1.2.25 HTTP GET managers.php selected_graphs_array sql injection (GHSA-w85f-7c4w-7594)

Posted by Angelo Barbosa | Dec 22, 2023 | CVE

A vulnerability classified as critical was found in Cacti up to 1.2.25. This vulnerability affects unknown code of the file managers.php of the component HTTP GET Handler. The manipulation of the argument selected_graphs_array leads to sql injection.

This vulnerability was named CVE-2023-51448. The attack can be initiated remotely. There is no exploit available.

CVE-2023-51448 | Cacti up to 1.2.25 HTTP GET managers.php selected_graphs_array sql injection (GHSA-w85f-7c4w-7594)

Related Posts

CVE-2023-6855 | Paid Memberships Pro Plugin up to 2.12.5 on WordPress API authorization

CVE-2024-24245 | Canimaan ClamXAV up to 3.6.1 Helper Tool Local Privilege Escalation

CVE-2023-39244 | Dell ESI for SAP LAMA up to 9.x EHAC access control (dsa-2023-299)

CVE-2024-10430 | Codezips Pet Shop Management System 1.0 /animalsupdate.php id sql injection