CVE-2008-0785
Cacti 0.8.6-0.8.7 - Authenticated SQL Injection via Multiple Parameters
Title source: llmExploitation Summary
EIP tracks 4 public exploits for CVE-2008-0785. PoCs published by aScii.
AI-analyzed exploit summary The exploit demonstrates SQL injection and XSS vulnerabilities in Cacti 0.8.7a and prior versions. It includes a URL-based SQLi example and a cURL command to exploit the vulnerability via POST data.
Description
Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the (1) graph_list parameter to graph_view.php, (2) leaf_id and id parameters to tree.php, (3) local_graph_id parameter to graph_xport.php, and (4) login_username parameter to index.php/login.
Exploits (4)
The exploit demonstrates SQL injection and XSS vulnerabilities in Cacti 0.8.7a and prior versions. It includes a URL-based SQLi example and a cURL command to exploit the vulnerability via POST data.
This exploit demonstrates a SQL injection vulnerability in Cacti's graph_xport.php by injecting a single quote into the local_graph_id parameter. It requires a valid session cookie to exploit the vulnerability.
The provided text describes multiple vulnerabilities in Cacti 0.8.7a and prior, including SQL injection, XSS, and HTTP response splitting. It includes a sample SQL injection payload for demonstration but lacks executable exploit code.
This exploit demonstrates a blind SQL injection vulnerability in Cacti 0.8.7a and prior versions. It uses conditional queries to infer password characters by observing HTTP response status codes.