CVE-2004-1737

Cacti 0.8.5a - SQL Injection via Username or Password Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1737. PoCs published by Fernando Quintero.

AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in Cacti's auth_login.php script, allowing authentication bypass via a crafted username parameter. It also includes a secondary payload to execute arbitrary commands by inserting malicious data into the database, which is then executed via cmd.php.

Description

SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Fernando Quintero · textwebappsphp

https://www.exploit-db.com/exploits/24375

View Code ZIP pw:eip

This exploit demonstrates a SQL injection vulnerability in Cacti's auth_login.php script, allowing authentication bypass via a crafted username parameter. It also includes a secondary payload to execute arbitrary commands by inserting malicious data into the database, which is then executed via cmd.php.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Cacti (version not specified)

No auth needed

Prerequisites: Access to the Cacti login interface · Ability to send crafted HTTP requests

MITRE ATT&CK

T1189 - Drive-by Compromise T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Core References

Mailing List mailing-list x_refsource_fulldisc

http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025376.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/17011

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/10960

Exploit, Patch, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/12308

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=109272483621038&w=2

Patch, Vendor Advisory vendor-advisory x_refsource_gentoo

http://www.gentoo.org/security/en/glsa/glsa-200408-21.xml

Scores

EPSS 0.0283

EPSS Percentile 84.8%

Details

Status published

Products (20)

gentoo/linux 1.4

the_cacti_group/cacti 0.6

the_cacti_group/cacti 0.6.1

the_cacti_group/cacti 0.6.2

the_cacti_group/cacti 0.6.3

the_cacti_group/cacti 0.6.4

the_cacti_group/cacti 0.6.5

the_cacti_group/cacti 0.6.6

the_cacti_group/cacti 0.6.7

the_cacti_group/cacti 0.6.8

... and 10 more

Published Aug 16, 2004

Tracked Since Feb 18, 2026