VULHUB ™

RaXnet Cacti is reportedly affected by a remote SQL injection vulnerability. This issue occurs in the auth_login.php script due to a failure of the application to properly sanitize user-supplied "username" URI parameter input before using it in an SQL query. It is demonstrated that an attacker may exploit this vulnerability in order to bypass the authentication interface used by Cacti.

RaXnet Cacti is reportedly affected by a remote SQL injection vulnerability. This issue occurs in the auth_login.php script due to a failure of the application to properly sanitize user-supplied "username" URI parameter input before using it in an SQL query. It is demonstrated that an attacker may exploit this vulnerability in order to bypass the authentication interface used by Cacti.