TheWitness

7 exploits, active since Dec 2023
CVE-2023-49086 (MEDIUM) WRITEUP
Cacti <1.2.27 - XSS
Cacti is a robust performance and fault management framework and a frontend to RRDTool, a Time Series Database (TSDB). A vulnerability in versions prior to 1.2.27 bypasses an earlier fix for CVE-2023-39360, leading to a DOM XSS attack. Exploitation of the vulnerability is possible for an authorized user. The vulnerable component is `graphs_new.php`. The impact of the vulnerability is execution of arbitrary JavaScript code in the attacked user's browser. This issue has been patched in version 1.2.27.
CVSS 5.4
CVE-2024-31443 (MEDIUM) WRITEUP
Cacti < 1.2.27 - XSS
Cacti provides an operational monitoring and fault management framework. Prior to 1.2.27, some of the data stored by the `form_save()` function in `data_queries.php` is not thoroughly checked and is later used to concatenate an HTML statement in the `grow_right_pane_tree()` function from `lib/html.php`, finally resulting in cross-site scripting. Version 1.2.27 contains a patch for the issue.
CVSS 5.7
CVE-2024-45598 (MEDIUM) WRITEUP
Cacti < 1.2.29 - Path Traversal
Cacti is an open source performance and fault management framework. Prior to 1.2.29, an administrator can change the `Poller Standard Error Log Path` parameter, either in Installation Step 5 or in the Configuration->Settings->Paths tab, to the path of a local file on the server. Then simply going to the Logs tab and selecting the name of that file shows its content in the web UI. This vulnerability is fixed in 1.2.29.
CVSS 6.0
CVE-2024-54145 (MEDIUM) WRITEUP
Cacti - SQL Injection
Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the `get_discovery_results` function of `automation_devices.php` via the `network` parameter. This vulnerability is fixed in 1.2.29.
CVSS 6.3
CVE-2024-54146 (HIGH) WRITEUP
Cacti - SQL Injection
Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the `template` function of `host_templates.php` via the `graph_template` parameter. This vulnerability is fixed in 1.2.29.
CVSS 7.6
CVE-2025-24368 (HIGH) WRITEUP
Cacti < 1.2.29 - SQL Injection
Cacti is an open source performance and fault management framework. Some of the data stored in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the SQL statement in the `build_rule_item_filter()` function from `lib/api_automation.php`, resulting in SQL injection. This vulnerability is fixed in 1.2.29.
CVSS 7.5
CVE-2025-26520 (HIGH) WRITEUP
Cacti < 1.2.29 - SQL Injection
Cacti through 1.2.29 allows SQL injection in the `template` function in `host_templates.php` via the `graph_template` parameter. NOTE: this issue exists because of an incomplete fix for CVE-2024-54146.
CVSS 7.6