CVE 2010-2544
Cross-site scripting (XSS) vulnerability in utilities.php in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote attackers to inject arbitrary web script or HTML via the filter parameter.
Related bugs and status
CVE-2010-2544 (Candidate) is related to these bugs:
Bug #599892: [Security] cacti - CVE-2009-4032, CVE-2010-1431, and CVE-2010-2092
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
599892 | [Security] cacti - CVE-2009-4032, CVE-2010-1431, and CVE-2010-2092 | cacti (Ubuntu) | Medium | Invalid | ||
599892 | [Security] cacti - CVE-2009-4032, CVE-2010-1431, and CVE-2010-2092 | cacti (Ubuntu Hardy) | Undecided | Won't Fix | ||
599892 | [Security] cacti - CVE-2009-4032, CVE-2010-1431, and CVE-2010-2092 | cacti (Ubuntu Jaunty) | Undecided | Won't Fix | ||
599892 | [Security] cacti - CVE-2009-4032, CVE-2010-1431, and CVE-2010-2092 | cacti (Ubuntu Lucid) | Undecided | Fix Released | ||
599892 | [Security] cacti - CVE-2009-4032, CVE-2010-1431, and CVE-2010-2092 | cacti (Ubuntu Karmic) | Undecided | Won't Fix | ||
599892 | [Security] cacti - CVE-2009-4032, CVE-2010-1431, and CVE-2010-2092 | cacti (Ubuntu Maverick) | Medium | Invalid |
Bug #606663: [SECURITY] various fixes in cacti 0.8.7f and 0.8.7g
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
606663 | [SECURITY] various fixes in cacti 0.8.7f and 0.8.7g | cacti (Ubuntu) | Undecided | New |
Bug #906773: CVE-2011-4824 SQL injection issue in auth_login.php
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
906773 | CVE-2011-4824 SQL injection issue in auth_login.php | cacti (Ubuntu) | Medium | Fix Released | ||
906773 | CVE-2011-4824 SQL injection issue in auth_login.php | cacti (Debian) | Unknown | Fix Released | ||
906773 | CVE-2011-4824 SQL injection issue in auth_login.php | cacti (Ubuntu Lucid) | Medium | Fix Released | ||
906773 | CVE-2011-4824 SQL injection issue in auth_login.php | cacti (Ubuntu Maverick) | Medium | Fix Released | ||
906773 | CVE-2011-4824 SQL injection issue in auth_login.php | cacti (Ubuntu Natty) | Medium | Fix Released | ||
906773 | CVE-2011-4824 SQL injection issue in auth_login.php | cacti (Ubuntu Precise) | Medium | Fix Released | ||
906773 | CVE-2011-4824 SQL injection issue in auth_login.php | cacti (Ubuntu Oneiric) | Medium | Fix Released |
See the
CVE page on Mitre.org
for more details.