Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 4 Jan 2016 22:30:05 +0100
From: Salvatore Bonaccorso <carnil@...ian.org>
To: OSS Security Mailinglist <oss-security@...ts.openwall.com>
Cc: Paul Gevers <elbrus@...ian.org>
Subject: CVE Request: cacti: SQL injection vulnerability in graphs_new.php

Hi,

Another SQL injection vulnerability via graphs_new.php in cacti was
found, reported to the bug http://bugs.cacti.net/view.php?id=2652 .

No upstream commit to fix the issue is available yet.

This seems different to CVE-2015-8377, which was assigned for
http://seclists.org/fulldisclosure/2015/Dec/att-57/cacti_sqli%281%29.txt

Can you assign a CVE for this issue?

Regards,
Salvatore

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ