CVE-2023-46490

Name
CVE-2023-46490
Description
SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the form_actions() function in the managers.php function.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://gist.github.com/ISHGARD-2/a95632111138fcd7ccf7432ccb145b53
MISC https://github.com/Cacti/cacti/security/advisories/GHSA-f4r3-53jr-654c

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:cacti:cacti:1.2.25:*:*:*:*:*:*:* cacti == None == 1.2.25

Vulnerable and fixed packages

Source package Branch Version Maintainer Status