{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T01:25:36.527","vulnerabilities":[{"cve":{"id":"CVE-2010-2092","sourceIdentifier":"cve@mitre.org","published":"2010-05-27T22:30:01.467","lastModified":"2026-04-29T01:13:23.040","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via a crafted rra_id parameter in a GET request in conjunction with a valid rra_id value in a POST request or a cookie, which causes the POST or cookie value to bypass the validation routine, but inserts the $_GET value into the resulting query."},{"lang":"es","value":"Vulnerabilidad de inyección SQL en graph.php en Cacti v0.8.7e y anteriores permite a atacntes remotos ejecutar comandos SQL de su elección a través del parámetro rra_id en una petición GET en conjunción con un valor rra_id válido en una petición POST o una cooki, que supera la rutina de validación. \r\n"}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*","versionEndIncluding":"0.8.7e","matchCriteriaId":"A034AA62-ECC3-4361-9E42-A1218F9EB2E1"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.5:-:*:*:*:*:*:*","matchCriteriaId":"015D2C09-205B-426B-9118-13CAC82BDF97"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.6:*:*:*:*:*:*:*","matchCriteriaId":"CF50D0E4-94BC-433F-8986-4E2D9AF61A98"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.6.1:*:*:*:*:*:*:*","matchCriteriaId":"8BE433B1-7F0B-4D16-8FD5-A5E193EC983A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.6.2:*:*:*:*:*:*:*","matchCriteriaId":"CD541744-A938-44A8-89A5-DE1B39DA1301"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.6.3:*:*:*:*:*:*:*","matchCriteriaId":"4D7A1EE2-2C80-46B2-B55A-17D200D722BB"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.6.4:*:*:*:*:*:*:*","matchCriteriaId":"594CCB0C-4DEA-4ECC-93FE-FDAD231F22CD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.6.5:*:*:*:*:*:*:*","matchCriteriaId":"21352C22-E89D-482E-A704-1E1EFE0F4959"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.6.6:*:*:*:*:*:*:*","matchCriteriaId":"51B3887B-078A-459D-AFCF-4BDBDB3B1EF7"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.6.7:*:*:*:*:*:*:*","matchCriteriaId":"B4611FB4-7B8D-4DCA-9BFC-87585E16129B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.6.8:*:*:*:*:*:*:*","matchCriteriaId":"1740FA47-7129-47C0-9EA8-3D5FE1881AAC"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.6.8a:*:*:*:*:*:*:*","matchCriteriaId":"330C515B-6DD0-4C41-97C8-87689CD443F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8:*:*:*:*:*:*:*","matchCriteriaId":"B44E0187-3577-4770-8D76-10F64F6400B3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.1:*:*:*:*:*:*:*","matchCriteriaId":"D3E6282B-B403-45AD-B1EC-82257EEA1A43"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.2:*:*:*:*:*:*:*","matchCriteriaId":"0936E4B2-D89C-44B3-9082-77FA369BA280"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.2a:*:*:*:*:*:*:*","matchCriteriaId":"A1257552-9117-45EE-B77C-00879E1FC67B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.3:*:*:*:*:*:*:*","matchCriteriaId":"BA380DC2-2392-413E-AC7A-F8B854EA3108"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.3a:*:*:*:*:*:*:*","matchCriteriaId":"B530A944-0A71-4F88-AAE6-3844364FB098"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.4:*:*:*:*:*:*:*","matchCriteriaId":"62C554AE-AE7A-48B1-A1FF-E8E7691EA344"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.5:*:*:*:*:*:*:*","matchCriteriaId":"25541421-4A87-43BF-86D7-E1377CE3C859"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.5a:*:*:*:*:*:*:*","matchCriteriaId":"301E2B13-D410-4B26-9A47-F90343F47C18"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.6:*:*:*:*:*:*:*","matchCriteriaId":"546CE4D8-1E2E-4DEB-9FA1-DEA05F9AAE9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.6a:*:*:*:*:*:*:*","matchCriteriaId":"45C420D9-45EB-40EF-BB9D-BBB5BB7DA6D7"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.6b:*:*:*:*:*:*:*","matchCriteriaId":"D5FE1D7F-5A32-4C66-8B7E-7F790F1D9AAC"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.6c:*:*:*:*:*:*:*","matchCriteriaId":"EE910AB1-7D04-4743-9963-BBA191EE4078"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.6d:*:*:*:*:*:*:*","matchCriteriaId":"C4290992-9EF9-41D4-8AB5-6744370A25E5"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.6f:*:*:*:*:*:*:*","matchCriteriaId":"DB41A3C5-D03A-4B1F-B841-A9F5021A59F0"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.6g:*:*:*:*:*:*:*","matchCriteriaId":"0F794F36-3073-43C5-A6C7-BADBCF6B735E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.6h:*:*:*:*:*:*:*","matchCriteriaId":"76CB86A0-E3A9-4A43-B98B-46654EFE21A7"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.6i:*:*:*:*:*:*:*","matchCriteriaId":"8D62D429-7BDE-47DE-B466-0732DAC3F70E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.6j:*:*:*:*:*:*:*","matchCriteriaId":"6893355E-2F64-416D-9AED-898E6D1123F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.6k:*:*:*:*:*:*:*","matchCriteriaId":"9B41942D-A4A9-4916-99E6-DA36EB747BF6"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.7:*:*:*:*:*:*:*","matchCriteriaId":"191A8F3B-EDFA-47AA-B7B1-95B4C05AFD7A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.7a:*:*:*:*:*:*:*","matchCriteriaId":"7A8C1715-DCA1-4C83-B817-9366172CFC1D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.7b:*:*:*:*:*:*:*","matchCriteriaId":"307B69DB-CFFB-49BA-A126-134EEE735FCC"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.7c:*:*:*:*:*:*:*","matchCriteriaId":"6532CB60-B8FA-418D-B077-FCC4EE24C1A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:0.8.7d:*:*:*:*:*:*:*","matchCriteriaId":"2B53567F-C65B-4E1F-BBF7-4F55C845A83A"}]}]}],"references":[{"url":"http://php-security.org/2010/05/13/mops-2010-023-cacti-graph-viewer-sql-injection-vulnerability/index.html","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://secunia.com/advisories/41041","source":"cve@mitre.org"},{"url":"http://www.cacti.net/changelog.php","source":"cve@mitre.org"},{"url":"http://www.debian.org/security/2010/dsa-2060","source":"cve@mitre.org"},{"url":"http://www.vupen.com/english/advisories/2010/2132","source":"cve@mitre.org"},{"url":"https://rhn.redhat.com/errata/RHSA-2010-0635.html","source":"cve@mitre.org"},{"url":"http://php-security.org/2010/05/13/mops-2010-023-cacti-graph-viewer-sql-injection-vulnerability/index.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://secunia.com/advisories/41041","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.cacti.net/changelog.php","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.debian.org/security/2010/dsa-2060","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2010/2132","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://rhn.redhat.com/errata/RHSA-2010-0635.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}