CVE-2005-2149
CRITICAL
10.0
CVSS Severity Score
Vulnerability Description
config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.
Affected Platforms (CPE)
π¦
The Cacti Group
Cacti
= 0.8π¦
The Cacti Group
Cacti
= 0.8.1π¦
The Cacti Group
Cacti
= 0.8.2π¦
The Cacti Group
Cacti
= 0.8.2aπ¦
The Cacti Group
Cacti
= 0.8.3π¦
The Cacti Group
Cacti
= 0.8.3aπ¦
The Cacti Group
Cacti
= 0.8.4π¦
The Cacti Group
Cacti
= 0.8.5π¦
The Cacti Group
Cacti
= 0.8.5aπ¦
The Cacti Group
Cacti
= 0.8.6π¦
The Cacti Group
Cacti
= 0.8.6aπ¦
The Cacti Group
Cacti
= 0.8.6bπ¦
The Cacti Group
Cacti
= 0.8.6cπ¦
The Cacti Group
Cacti
= 0.8.6dπ¦
The Cacti Group