CVE-2024-31460 | Cacti up to 1.2.26 automation_tree_rules.php create_all_header_nodes sql injection

Posted by Angelo Barbosa | May 13, 2024 | CVE

A vulnerability, which was classified as critical, was found in Cacti up to 1.2.26. This affects the function create_all_header_nodes in the library lib/api_automation.php of the file automation_tree_rules.php. The manipulation leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-31460. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-31460 | Cacti up to 1.2.26 automation_tree_rules.php create_all_header_nodes sql injection

Related Posts

CVE-2024-1348 | Averta Shortcodes and Extra Features for Phlox Theme up to 2.15.5 on WordPress cross site scripting

CVE-2024-46988 | Enalean Tuleap Community Edition/Tuleap Enterprise Edition Email Notification insufficient permissions or privileges (GHSA-g76g-hc92-96xw)

CVE-2024-7339 | TVT DVR TD-2104TS-CL up to 1.3.4.24879B190222.D00.U2(8A21S) /queryDevInfo information disclosure

Favethemes Houzez Plugin sql injection