Gentoo Linux Security Advisory 201401-20 - Multiple vulnerabilities have been found in Cacti, allowing attackers to execute arbitrary code or perform XSS attacks. Versions less than 0.8.8b are affected.
60e499dc878470aef030b4e84ae80fe629bbd4de79b08c73333effba0110f1fd
Mandriva Linux Security Advisory 2013-215 - SQL injection and shell escaping issues were discovered and fixed in cacti. The updated packages have been upgraded to the 0.8.8b version which is not vulnerable to these issues.
1b7d6435cb76a412b78aa80f4b37e5b1fa3ac4f8c06b625dc1b3bc413a1b3fde
Debian Linux Security Advisory 2739-1 - Two security issues (SQL injection and command line injection via SNMP settings) were found in Cacti, a web interface for graphing of monitoring systems.
4f76b681152227ee548d6e842eaa9300d16504ad370b4b15992496ea92e4272c