latest version: 1.1.10
 
 Cacti (home)ForumsDocumentation

Cacti: The complete RRDTool-based graphing solution.
 

Information
What is Cacti?
Features
Changelog

Downloads
Cacti
Spine

Development
Support Cacti
Report an Issue
GitHub

Support
Documentation
Forums
Mailing Lists
FAQ

Spine
Information
Changelog

Release Notes - 0.8.8e

Important Security Fixes

  • Multiple XSS and SQL injection vulnerabilities
  • CVE-2015-4634 - SQL injection in graphs.php

Changelog

bug: Fixed issue with graph zooming failing to work
bug: Fixed various SQL Injection vectors
bug#0002569: Impossible to have a URL pointing directly to a graph
bug#0002574: SQL Injection Vulnerabilities in graph items and graph template items
bug#0002577: CVE-2015-4634 - SQL injection in graphs.php
bug#0002579: SQL Injection Vulnerabilities in data sources
bug#0002580: SQL Injection in cdef.php
bug#0002582: SQL Injection in data_templates.php
bug#0002583: SQL Injection in graph_templates.php
bug#0002584: SQL Injection in host_templates.php
bug#0002586: Cannot delete data sources from the GUI
bug#0002592: graph_view.php - viewing host in new tab - Undefined index: nodeid
bug#0002594: status_fail_date and status_rec_date are set incorrectly after host is marked down
bug#0002597: Incorrect value in Hosts column on Host Templates page
bug#0002598: Incorrect row number in Devices -> (Edit) page
 
 
 
Copyright © 2004-2017 The Cacti Group, Inc. - Cacti is the registered trademark The Cacti Group, Inc.


PHP      RRDTool