CVE-2014-4000
N/A
N/A
Summary
Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserialize(stripslashes()).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://security-tracker.debian.org/tracker/CVE-2014-4000
- https://forums.cacti.net/viewtopic.php?f=4&t=56794
- https://security.gentoo.org/glsa/201711-10
- https://www.cacti.net/release_notes_1_0_0.php
References
- https://security-tracker.debian.org/tracker/CVE-2014-4000
- https://forums.cacti.net/viewtopic.php?f=4&t=56794
- https://security.gentoo.org/glsa/201711-10
- https://www.cacti.net/release_notes_1_0_0.php
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.