CVE-2010-1431

Cacti < 0.8.7e - SQL Injection via Export Item ID Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-1431. PoCs published by Nahuel Grisolia.

AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in Cacti via the 'export_item_id' parameter in 'templates_export.php'. The provided POST request shows how arbitrary SQL code can be injected to manipulate queries.

Description

SQL injection vulnerability in templates_export.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the export_item_id parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Nahuel Grisolia · textwebappsphp

https://www.exploit-db.com/exploits/12338

View Code ZIP pw:eip

This exploit demonstrates a SQL injection vulnerability in Cacti via the 'export_item_id' parameter in 'templates_export.php'. The provided POST request shows how arbitrary SQL code can be injected to manipulate queries.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Cacti 0.8.7e

Auth required

Prerequisites: Access to a vulnerable Cacti instance · Valid session cookie

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (15)

Core 15

Core References

Mailing List mailing-list x_refsource_fulldisc

http://seclists.org/fulldisclosure/2010/Apr/272

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2010/0986

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2010/dsa-2039

Patch x_refsource_confirm

http://www.cacti.net/downloads/patches/0.8.7e/sql_injection_template_export.patch

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2010/1107

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/41041

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/39568

Vendor Advisory vendor-advisory x_refsource_redhat

https://rhn.redhat.com/errata/RHSA-2010-0635.html

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2010:092

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2010/2132

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/39653

Patch x_refsource_confirm

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578909

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/39572

Exploit, Third Party Advisory x_refsource_misc

http://www.exploit-db.com/sploits/Bonsai-SQL_Injection_in_Cacti.pdf

Scores

EPSS 0.0380

EPSS Percentile 88.6%

Details

CWE

CWE-89

Status published

Products (37)

cacti/cacti 0.5

cacti/cacti 0.6

cacti/cacti 0.6.1

cacti/cacti 0.6.2

cacti/cacti 0.6.3

cacti/cacti 0.6.4

cacti/cacti 0.6.5

cacti/cacti 0.6.6

cacti/cacti 0.6.7

cacti/cacti 0.6.8

... and 27 more

Published May 04, 2010

Tracked Since Feb 18, 2026