{"id":"DEBIAN-CVE-2011-4824","details":"SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter.","modified":"2026-03-11T07:06:53.549258Z","published":"2011-12-15T03:57:34.607Z","upstream":["CVE-2011-4824"],"references":[{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2011-4824"}],"affected":[{"package":{"name":"cacti","ecosystem":"Debian:11","purl":"pkg:deb/debian/cacti?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8.7i-1"}]}],"ecosystem_specific":{"urgency":"high"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2011-4824.json"}},{"package":{"name":"cacti","ecosystem":"Debian:12","purl":"pkg:deb/debian/cacti?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8.7i-1"}]}],"ecosystem_specific":{"urgency":"high"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2011-4824.json"}},{"package":{"name":"cacti","ecosystem":"Debian:13","purl":"pkg:deb/debian/cacti?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8.7i-1"}]}],"ecosystem_specific":{"urgency":"high"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2011-4824.json"}},{"package":{"name":"cacti","ecosystem":"Debian:14","purl":"pkg:deb/debian/cacti?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8.7i-1"}]}],"ecosystem_specific":{"urgency":"high"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2011-4824.json"}}],"schema_version":"1.7.5"}