CVE-2005-10004HIGHCVSS 8.7PoC≥ *, < 0.8.6-d2025-08-30
CVE-2005-10004 [HIGH] CWE-78 CVE-2005-10004: Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.p
Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.php script. An authenticated user can inject arbitrary shell commands via the graph_start GET parameter, which is improperly handled during graph rendering. This flaw allows attackers to execute commands on the underlying operating system with the privile
nvd