You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
netniV
changed the title
SQL Injection in data_debug.php
SQL Injection vulnerability due to input validation errors when diagnosing datasources (CVE-2020-35701)
Jan 4, 2021
netniV
changed the title
SQL Injection vulnerability due to input validation errors when diagnosing datasources (CVE-2020-35701)
SQL Injection was possible due to incorrect validation order (CVE-2020-35701)
Apr 30, 2021
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
bugUndesired behaviourresolvedA fixed issueSECURITYA security issue reported through CVE
Describe the bug
Due to a lack of validation, data_debug.php can be the source of a SQL injection.
Expected behavior
Cacti should be safe from SQL injections
The text was updated successfully, but these errors were encountered: