View | Details | Raw Unified | Return to bug 201702 | Differences between
and this patch

Collapse All | Expand All

(-)vuln.xml (+44 lines)
Lines 58-63 Link Here
58
58
59
-->
59
-->
60
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
60
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
61
  <vuln vid="0bfda05f-2e6f-11e5-a4a5-002590263bf5">
62
    <topic>cacti -- Multiple XSS and SQL injection vulnerabilities</topic>
63
    <affects>
64
      <package>
65
	<name>cacti</name>
66
	<range><lt>0.8.8e</lt></range>
67
      </package>
68
    </affects>
69
    <description>
70
      <body xmlns="http://www.w3.org/1999/xhtml">
71
	<p>The Cacti Group, Inc. reports:</p>
72
	<blockquote cite="http://www.cacti.net/release_notes_0_8_8e.php">
73
	  <p>Important Security Fixes</p>
74
	  <ul>
75
	    <li>Multiple XSS and SQL injection vulnerabilities</li>
76
	    <li>CVE-2015-4634 - SQL injection in graphs.php</li>
77
	  </ul>
78
	  <p>Changelog</p>
79
	  <ul>
80
	    <li>bug: Fixed various SQL Injection vectors</li>
81
	    <li>bug#0002574: SQL Injection Vulnerabilities in graph items and
82
	       graph template items</li>
83
	    <li>bug#0002577: CVE-2015-4634 - SQL injection in graphs.php</li>
84
	    <li>bug#0002579: SQL Injection Vulnerabilities in data sources</li>
85
	    <li>bug#0002580: SQL Injection in cdef.php</li>
86
	    <li>bug#0002582: SQL Injection in data_templates.php</li>
87
	    <li>bug#0002583: SQL Injection in graph_templates.php</li>
88
	    <li>bug#0002584: SQL Injection in host_templates.php</li>
89
	  </ul>
90
	</blockquote>
91
      </body>
92
    </description>
93
    <references>
94
      <cvename>CVE-2015-4634</cvename>
95
      <freebsdpr>ports/201702</freebsdpr>
96
      <url>http://www.cacti.net/release_notes_0_8_8e.php</url>
97
      <mlist>http://seclists.org/oss-sec/2015/q3/150</mlist>
98
    </references>
99
    <dates>
100
      <discovery>2015-07-12</discovery>
101
      <entry>2015-07-20</entry>
102
    </dates>
103
  </vuln>
104
61
  <vuln vid="8b1f53f3-2da5-11e5-86ff-14dae9d210b8">
105
  <vuln vid="8b1f53f3-2da5-11e5-86ff-14dae9d210b8">
62
    <topic>php-phar -- multiple vulnerabilities</topic>
106
    <topic>php-phar -- multiple vulnerabilities</topic>
63
    <affects>
107
    <affects>

Return to bug 201702