Homepage

cacti vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the cacti package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • H
Arbitrary Command Injection

<1.2.30+ds1-1
  • H
CVE-2005-10004

<0.8.6d-1
  • L
CVE-2025-26520

<1.2.30+ds1-1
  • H
SQL Injection

<1.2.28+ds1-4
  • H
SQL Injection

<1.2.28+ds1-4
  • M
Directory Traversal

<1.2.28+ds1-4
  • H
OS Command Injection

<1.2.28+ds1-4
  • H
SQL Injection

<1.2.28+ds1-4
  • L
CVE-2025-24367

<1.2.28+ds1-4
  • M
Cross-site Scripting (XSS)

<1.2.26+ds1-1
  • C
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

<1.2.26+ds1-1
  • H
Cross-site Scripting (XSS)

<1.2.28+ds1-1
  • L
Arbitrary Code Injection

<1.2.28+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.28+ds1-1
  • H
Cross-site Scripting (XSS)

<1.2.28+ds1-1
  • H
CVE-2024-25641

<1.2.27+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.27+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.27+ds1-1
  • C
Insufficient Comparison

<1.2.27+ds1-1
  • H
SQL Injection

<1.2.27+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.27+ds1-1
  • H
SQL Injection

<1.2.27+ds1-1
  • H
CVE-2024-31459

<1.2.27+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.27+ds1-1
  • H
SQL Injection

<1.2.27+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.26+ds1-1
  • H
SQL Injection

<1.2.26+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.26+ds1-1
  • H
SQL Injection

<1.2.26+ds1-1
  • H
PHP Remote File Inclusion

<1.2.26+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.26+ds1-1
  • M
SQL Injection

<1.2.26+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.25+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.25+ds1-1
  • M
Deserialization of Untrusted Data

<1.2.25+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.25+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.25+ds1-1
  • M
SQL Injection

<1.2.25+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.25+ds1-1
  • M
Open Redirect

<1.2.25+ds1-1
  • H
SQL Injection

<1.2.25+ds1-1
  • H
Improper Input Validation

<1.2.25+ds1-1
  • H
OS Command Injection

<1.2.25+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.25+ds1-1
  • C
SQL Injection

<1.2.25+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.25+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.25+ds1-1
  • H
SQL Injection

<1.2.25+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.25+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.22+ds1-1
  • L
Incorrect Authorization

<1.2.23+ds1-1
  • M
Cross-site Scripting (XSS)

<0.8.7i-1
  • H
Authorization Bypass Through User-Controlled Key

<1.2.6+ds1-1
  • C
OS Command Injection

<1.2.22+ds1-3
  • C
Improper Authentication

<1.2.20+ds1-1
  • M
Cross-site Scripting (XSS)

<0.8.7i-1
  • M
Cross-site Scripting (XSS)

<1.2.1+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.1+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.19+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.13+ds1-1
  • H
SQL Injection

<1.2.16+ds1-2
  • M
Cross-site Scripting (XSS)

<1.2.14+ds1-1
  • H
SQL Injection

<1.2.13+ds1-1
  • M
Cross-site Request Forgery (CSRF)

<1.2.11+ds1-1
  • M
Improper Preservation of Permissions

<1.2.11+ds1-1
  • H
OS Command Injection

<1.2.10+ds1-1
  • H
OS Command Injection

<1.2.9+ds1-1
  • M
Cross-site Scripting (XSS)

<1.2.9+ds1-1
  • L
Improper Input Validation

*
  • H
Out-of-bounds Write

<1.2.8+ds1-1
  • M
SQL Injection

<1.2.8+ds1-1
  • M
Authorization Bypass Through User-Controlled Key

<1.2.7+ds1-1
  • L
Cross-site Scripting (XSS)

<1.2.2+ds1-2
  • L
Cross-site Scripting (XSS)

<1.2.1+ds1-1
  • L
Cross-site Scripting (XSS)

<1.2.1+ds1-1
  • L
Cross-site Scripting (XSS)

<1.2.1+ds1-1
  • L
Cross-site Scripting (XSS)

<1.2.1+ds1-1
  • L
Cross-site Scripting (XSS)

<1.1.37+ds1-1
  • L
Cross-site Scripting (XSS)

<1.1.37+ds1-1
  • M
Cross-site Scripting (XSS)

<1.1.37+ds1-1
  • H
Access Restriction Bypass

<0.8.8h+ds1-5
  • L
Arbitrary Code Injection

<0.8.8e+ds1-1
  • M
Cross-site Scripting (XSS)

<1.1.27+ds1-3
  • H
Exposure of Resource to Wrong Sphere

<1.1.27+ds1-3
  • M
Information Exposure

<1.1.27+ds1-3
  • H
OS Command Injection

<1.1.27+ds1-3
  • M
Cross-site Scripting (XSS)

<1.1.25+ds1-1
  • M
Cross-site Scripting (XSS)

<1.1.18+ds1-1
  • M
Cross-site Scripting (XSS)

<1.1.17+ds1-2
  • C
CVE-2017-12065

<1.1.16+ds1-1
  • M
Cross-site Scripting (XSS)

<1.1.16+ds1-1
  • M
Cross-site Scripting (XSS)

<1.1.15+ds1-1
  • H
SQL Injection

<0.8.8e+ds1-1
  • M
Cross-site Scripting (XSS)

<0.8.8b+dfsg-6
  • M
Cross-site Scripting (XSS)

<1.1.12+ds1-1
  • M
Cross-site Scripting (XSS)

<1.1.12+ds1-1
  • H
Access Restriction Bypass

<0.8.8g+ds1-1
  • H
SQL Injection

<0.8.8g+ds1-2
  • H
SQL Injection

<0.8.8f+ds1-4
  • H
SQL Injection

<0.8.8h+ds1-1
  • H
SQL Injection

<0.8.8f+ds1-3
  • M
SQL Injection

<0.8.8f+ds1-4
  • H
SQL Injection

<0.8.8e+ds1-1
  • M
Cross-site Scripting (XSS)

<0.8.8d+ds1-1
  • M
Cross-site Scripting (XSS)

<0.8.8d+ds1-1
  • H
SQL Injection

<0.8.8d+ds1-1
  • H
SQL Injection

<0.8.8d+ds1-1
  • M
SQL Injection

<0.8.6f-1
  • L
Cross-site Scripting (XSS)

<0.8.8b+dfsg-7
  • L
Cross-site Scripting (XSS)

<0.8.8b+dfsg-7
  • H
SQL Injection

<0.8.8b+dfsg-8
  • H
Arbitrary Code Injection

<0.8.8b+dfsg-8
  • M
Cross-site Scripting (XSS)

<0.8.8b+dfsg-6
  • H
CVE-2014-2709

<0.8.8b+dfsg-4
  • M
Cross-site Request Forgery (CSRF)

<0.8.8b+dfsg-6
  • M
CVE-2014-2328

<0.8.8b+dfsg-4
  • H
SQL Injection

<0.8.8b+dfsg-4
  • M
Cross-site Scripting (XSS)

<0.8.8b+dfsg-4
  • H
SQL Injection

<0.8.8b+dfsg-3
  • M
Cross-site Scripting (XSS)

<0.8.8b+dfsg-3
  • H
Arbitrary Code Injection

<0.8.8b+dfsg-1
  • H
SQL Injection

<0.8.8b+dfsg-1
  • L
Cross-site Scripting (XSS)

<0.8.7i-1
  • H
SQL Injection

<0.8.7i-1
  • M
Improper Input Validation

<0.8.7g-1
  • M
Cross-site Scripting (XSS)

<0.8.7g-1
  • M
Cross-site Scripting (XSS)

<0.8.7g-1
  • M
Cross-site Scripting (XSS)

<0.8.7g-1
  • M
Cross-site Scripting (XSS)

<0.8.7g-1
  • H
SQL Injection

<0.8.7e-4
  • H
SQL Injection

<0.8.7e-3
  • L
Access Restriction Bypass

<1.2.1+ds1-1
  • L
Cross-site Scripting (XSS)

<0.8.7e-1.1
  • L
SQL Injection

<0.8.7b-1
  • L
Cross-site Scripting (XSS)

<0.8.7b-1
  • L
Information Exposure

<0.8.7b-1
  • M
Arbitrary Code Injection

<0.8.7b-1
  • M
SQL Injection

<0.8.7a-1
  • L
CVE-2007-3113

<0.8.6j-1.1
  • L
CVE-2007-3112

<0.8.6j-1.1
  • H
CVE-2006-6799

<0.8.6i-3
  • M
Cross-site Scripting (XSS)

<0.8.6d-1
  • M
CVE-2006-0410

<0.8.6d-1
  • M
SQL Injection

<0.8.6d-1
  • M
CVE-2006-0147

<0.8.6d-1
  • H
CVE-2005-2148

<0.8.6f-1
  • H
CVE-2005-2149

<0.8.6f-1
  • H
CVE-2005-1526

<0.8.6e-1
  • H
CVE-2005-1525

<0.8.6e-1
  • H
CVE-2005-1524

<0.8.6e-1
  • M
CVE-2004-1736

<0.8.5a-5
  • H
CVE-2004-1737

<0.8.5a-5
  • H
CVE-2002-1477

<0.6.8a-2
  • M
CVE-2002-1479

<0.6.8-1
  • C
CVE-2002-1478

<0.6.8a-2