CVE-2013-1434
cacti - several
EPSS 1.1%
Description
Multiple SQL injection vulnerabilities in (1) api_poller.php and (2) utility.php in Cacti before 0.8.8b allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
How to fix CVE-2013-1434
To remediate CVE-2013-1434, upgrade the affected package to one of the fixed versions listed below.
- Debian/cacti—upgrade to 0.8.8b+dfsg-1 or later
- Debian/cacti—upgrade to 0.8.7g-1+squeeze2 or later
Is CVE-2013-1434 being exploited?
Low: the EPSS score is 1.1%, a model estimate of the probability of exploitation in the next 30 days, and exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 0.8.8b+dfsg-1
- from 0, < 0.8.7g-1+squeeze2