vulnerability

Ubuntu: (CVE-2016-3172): cacti vulnerability

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:P/A:P)

Published

Apr 12, 2016

Added

Nov 19, 2024

Modified

Apr 16, 2026

Description

SQL injection vulnerability in tree.php in Cacti 0.8.8g and earlier allows remote authenticated users to execute arbitrary SQL commands via the parent_id parameter in an item_edit action.

Solution

ubuntu-upgrade-cacti

References

CVE-2016-3172
https://attackerkb.com/topics/CVE-2016-3172
CWE-89
EUVD-EUVD-2016-4214
http://www.openwall.com/lists/oss-security/2016/03/10/13
https://euvd.enisa.europa.eu/vulnerability/EUVD-2016-4214
https://www.cve.org/CVERecord?id=CVE-2016-3172

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report