Leonardo Paiva - Security Researcher - Exploit Intelligence Platform

CVE-2020-14295 NOMISEC HIGH WORKING POC

Cacti - SQL Injection

A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries.

CVSS 7.2

View Code

CVE-2020-14295 METASPLOIT HIGH ruby WORKING POC

Cacti - SQL Injection

A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries.

CVSS 7.2

View Code

CVE-2020-14295 EXPLOITDB HIGH python WORKING POC

Cacti - SQL Injection

A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries.

CVSS 7.2

View Code