1
Candidate: CVE-2015-8377
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8377
5
http://seclists.org/fulldisclosure/2015/Dec/att-57/cacti_sqli%281%29.txt
6
http://seclists.org/fulldisclosure/2015/Dec/57
8
SQL injection vulnerability in the host_new_graphs_save function in
9
graphs_new.php in Cacti 0.8.8f and earlier allows remote authenticated
10
users to execute arbitrary SQL commands via crafted serialized data in the
11
selected_graphs_array parameter in a save action.
20
upstream_cacti: released (0.8.8f+ds1-4)
21
precise_cacti: ignored (reached end-of-life)
22
precise/esm_cacti: DNE (precise was needed)
23
trusty_cacti: released (0.8.8b+dfsg-5ubuntu0.2)
24
vivid_cacti: ignored (reached end-of-life)
25
vivid/stable-phone-overlay_cacti: DNE
26
vivid/ubuntu-core_cacti: DNE
27
wily_cacti: ignored (reached end-of-life)
28
xenial_cacti: not-affected (0.8.8f+ds1-4ubuntu4.16.04.1)
29
yakkety_cacti: not-affected
30
zesty_cacti: not-affected
31
devel_cacti: not-affected