latest version: 1.1.0
 
 Cacti (home)ForumsDocumentation

Cacti: The complete RRDTool-based graphing solution.
 
Latest Files
cacti-1.1.0.tar.gz...
cacti-1.1.0.zip...

Information
What is Cacti?
Features
Changelog
Screen Shots

Downloads
Download Cacti
Official Patches

Spine
Information
Changelog
Download
Official Patches
Installation

Development
Support Cacti
Report an Issue
GitHub

Support
Documentation
Forums
Mailing Lists
FAQ

Release Notes - 0.8.8e

Important Security Fixes

  • Multiple XSS and SQL injection vulnerabilities
  • CVE-2015-4634 - SQL injection in graphs.php

Changelog

bug: Fixed issue with graph zooming failing to work
bug: Fixed various SQL Injection vectors
bug#0002569: Impossible to have a URL pointing directly to a graph
bug#0002574: SQL Injection Vulnerabilities in graph items and graph template items
bug#0002577: CVE-2015-4634 - SQL injection in graphs.php
bug#0002579: SQL Injection Vulnerabilities in data sources
bug#0002580: SQL Injection in cdef.php
bug#0002582: SQL Injection in data_templates.php
bug#0002583: SQL Injection in graph_templates.php
bug#0002584: SQL Injection in host_templates.php
bug#0002586: Cannot delete data sources from the GUI
bug#0002592: graph_view.php - viewing host in new tab - Undefined index: nodeid
bug#0002594: status_fail_date and status_rec_date are set incorrectly after host is marked down
bug#0002597: Incorrect value in Hosts column on Host Templates page
bug#0002598: Incorrect row number in Devices -> (Edit) page
 
 
 
Copyright © 2004-2012 The Cacti Group, Inc. - Cacti is the registered trademark The Cacti Group, Inc.


PHP      RRDTool