CVE-2007-6035
cacti - SQL injection
EPSS 4.5%
Description
SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter.
How to fix CVE-2007-6035
To remediate CVE-2007-6035, upgrade the affected package to a fixed version below.
- Debian/cacti—upgrade to 0.8.7a-1 or later
- Debian/cacti—upgrade to 0.8.6c-7sarge5 or later
Is CVE-2007-6035 being exploited?
Low — EPSS is 4.5%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 0.8.7a-1
- from 0, < 0.8.6c-7sarge5