[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-35701":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":44,"aliases":54,"duplicate_of":9,"upstream":55,"downstream":56,"duplicates":69,"related":70,"reserved_at":9,"published_at":74,"modified_at":75,"state":76,"summary":77,"references_raw":85,"kevs":116,"epss":117,"epss_history":120,"metrics":381,"affected":392},"CVE-2020-35701","An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection vulnerability in data_debug.php allows remote authenticated attackers to execute arbitrary SQL commands via the site_id parameter. This can lead to remote code execution.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-89","Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.","weakness","Stable","Base","High",[20,24,28,32,36,40],{"id":21,"name":22,"techniques":23},"CAPEC-108","Command Line Execution through SQL Injection",[],{"id":25,"name":26,"techniques":27},"CAPEC-109","Object Relational Mapping Injection",[],{"id":29,"name":30,"techniques":31},"CAPEC-110","SQL Injection through SOAP Parameter Tampering",[],{"id":33,"name":34,"techniques":35},"CAPEC-470","Expanding Control over the Operating System from the Database",[],{"id":37,"name":38,"techniques":39},"CAPEC-66","SQL Injection",[],{"id":41,"name":42,"techniques":43},"CAPEC-7","Blind SQL Injection",[],[45],{"_key":46,"name":47,"source":48,"url":49,"maturity":50,"reliability_score":51,"verified":52,"type":9,"platforms":53,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_7A15F74BA26256EB","Exploit Reference (asaf.me)","reference","https://asaf.me/2020/12/15/cacti-1-2-0-to-1-2-16-sql-injection/","unknown",0.2,false,[],[],[],[57,59,61,63,65,67],{"_key":58},"OPENSUSE-SU-2021:0787-1",{"_key":60},"UBUNTU-CVE-2020-35701",{"_key":62},"OPENSUSE-SU-2021:0755-1",{"_key":64},"OPENSUSE-SU-2024:10670-1",{"_key":66},"USN-5214-1",{"_key":68},"DEBIAN-CVE-2020-35701",[],[71,72,73],{"_key":58},{"_key":62},{"_key":64},"2021-01-11T15:57:51.000Z","2024-08-04T17:09:15.124Z","Modified",{"cisa_kev":52,"cisa_ransomware":52,"cisa_vendor":9,"epss_severity":78,"epss_score":79,"severity":80,"severity_score":81,"severity_version":82,"severity_source":83,"severity_vector":84,"severity_status":76},"low",0.01924,"high",8.8,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[86,93,97,103,108,112],{"url":49,"sources":87,"tags":89},[88,83],"cve.org",[90,91,92],"X Refsource MISC","Exploit","Third Party Advisory",{"url":94,"sources":95,"tags":96},"https://github.com/Cacti/cacti/issues/4022",[88,83],[90,92],{"url":98,"sources":99,"tags":100},"https://security.gentoo.org/glsa/202101-31",[88,83],[101,102,92],"Vendor Advisory","X Refsource GENTOO",{"url":104,"sources":105,"tags":106},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NBKBR2MFZJ6C2I4I5PCRR6UERPY24XZN/",[88,83],[101,107],"X Refsource FEDORA",{"url":109,"sources":110,"tags":111},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6DDD22Z56THHDTXAFM447UH3BVINURIF/",[88,83],[101,107],{"url":113,"sources":114,"tags":115},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C7DPUWZBAMCXFKAKUAJSHL3CKTOLGAK6/",[88,83],[101,107],[],{"date":118,"score":79,"percentile":119},"2026-06-04",0.83695,[121,125,128,131,134,136,139,141,143,146,149,152,155,157,160,164,167,170,173,175,178,181,184,186,189,192,195,198,201,204,207,210,213,215,217,219,222,225,228,231,234,237,239,241,244,247,249,252,255,258,261,264,268,271,274,277,280,283,286,289,292,295,298,301,304,307,310,313,316,319,322,324,328,331,334,337,339,342,345,348,351,354,357,360,363,366,369,372,375,378],{"date":122,"score":123,"percentile":124},"2025-11-04",0.05865,0.90148,{"date":126,"score":123,"percentile":127},"2025-11-05",0.90145,{"date":129,"score":123,"percentile":130},"2025-11-06",0.90144,{"date":132,"score":123,"percentile":133},"2025-11-07",0.90151,{"date":135,"score":123,"percentile":133},"2025-11-08",{"date":137,"score":123,"percentile":138},"2025-11-09",0.90149,{"date":140,"score":123,"percentile":138},"2025-11-10",{"date":142,"score":123,"percentile":124},"2025-11-11",{"date":144,"score":123,"percentile":145},"2025-11-12",0.90155,{"date":147,"score":123,"percentile":148},"2025-11-13",0.90159,{"date":150,"score":123,"percentile":151},"2025-11-14",0.90161,{"date":153,"score":123,"percentile":154},"2025-11-15",0.90158,{"date":156,"score":123,"percentile":151},"2025-11-16",{"date":158,"score":123,"percentile":159},"2025-11-17",0.90157,{"date":161,"score":162,"percentile":163},"2025-11-18",0.02825,0.84883,{"date":165,"score":162,"percentile":166},"2025-11-19",0.84884,{"date":168,"score":162,"percentile":169},"2025-11-20",0.8489,{"date":171,"score":123,"percentile":172},"2025-11-21",0.90167,{"date":174,"score":123,"percentile":172},"2025-11-22",{"date":176,"score":123,"percentile":177},"2025-11-23",0.90166,{"date":179,"score":123,"percentile":180},"2025-11-24",0.90168,{"date":182,"score":123,"percentile":183},"2025-11-25",0.9017,{"date":185,"score":123,"percentile":183},"2025-11-26",{"date":187,"score":123,"percentile":188},"2025-11-27",0.90169,{"date":190,"score":123,"percentile":191},"2025-11-28",0.9016,{"date":193,"score":123,"percentile":194},"2025-11-29",0.90199,{"date":196,"score":123,"percentile":197},"2025-11-30",0.902,{"date":199,"score":123,"percentile":200},"2025-12-01",0.90258,{"date":202,"score":123,"percentile":203},"2025-12-02",0.90261,{"date":205,"score":123,"percentile":206},"2025-12-03",0.90262,{"date":208,"score":123,"percentile":209},"2025-12-04",0.90203,{"date":211,"score":123,"percentile":212},"2025-12-05",0.90205,{"date":214,"score":123,"percentile":209},"2025-12-06",{"date":216,"score":123,"percentile":197},"2025-12-07",{"date":218,"score":123,"percentile":197},"2025-12-08",{"date":220,"score":123,"percentile":221},"2025-12-09",0.90204,{"date":223,"score":123,"percentile":224},"2025-12-10",0.90213,{"date":226,"score":123,"percentile":227},"2025-12-11",0.90217,{"date":229,"score":123,"percentile":230},"2025-12-12",0.90221,{"date":232,"score":123,"percentile":233},"2025-12-13",0.90222,{"date":235,"score":123,"percentile":236},"2025-12-14",0.9022,{"date":238,"score":123,"percentile":236},"2025-12-15",{"date":240,"score":123,"percentile":227},"2025-12-16",{"date":242,"score":123,"percentile":243},"2025-12-17",0.90224,{"date":245,"score":123,"percentile":246},"2025-12-18",0.90232,{"date":248,"score":123,"percentile":246},"2025-12-19",{"date":250,"score":123,"percentile":251},"2025-12-20",0.9023,{"date":253,"score":123,"percentile":254},"2025-12-21",0.90241,{"date":256,"score":123,"percentile":257},"2025-12-22",0.90242,{"date":259,"score":123,"percentile":260},"2025-12-23",0.90245,{"date":262,"score":123,"percentile":263},"2025-12-24",0.90252,{"date":265,"score":266,"percentile":267},"2025-12-25",0.02452,0.84793,{"date":269,"score":266,"percentile":270},"2025-12-26",0.84796,{"date":272,"score":266,"percentile":273},"2025-12-27",0.84846,{"date":275,"score":266,"percentile":276},"2025-12-28",0.84785,{"date":278,"score":266,"percentile":279},"2025-12-29",0.84781,{"date":281,"score":266,"percentile":282},"2025-12-30",0.84787,{"date":284,"score":266,"percentile":285},"2025-12-31",0.84798,{"date":287,"score":266,"percentile":288},"2026-01-01",0.84861,{"date":290,"score":266,"percentile":291},"2026-01-02",0.84859,{"date":293,"score":266,"percentile":294},"2026-01-03",0.84855,{"date":296,"score":266,"percentile":297},"2026-01-04",0.84784,{"date":299,"score":266,"percentile":300},"2026-01-05",0.84776,{"date":302,"score":266,"percentile":303},"2026-01-06",0.84782,{"date":305,"score":266,"percentile":306},"2026-01-07",0.8478,{"date":308,"score":266,"percentile":309},"2026-01-08",0.8479,{"date":311,"score":266,"percentile":312},"2026-01-09",0.84795,{"date":314,"score":266,"percentile":315},"2026-01-10",0.84791,{"date":317,"score":266,"percentile":318},"2026-01-11",0.84788,{"date":320,"score":266,"percentile":321},"2026-01-12",0.84783,{"date":323,"score":266,"percentile":279},"2026-01-13",{"date":325,"score":326,"percentile":327},"2026-01-14",0.01839,0.82496,{"date":329,"score":326,"percentile":330},"2026-01-15",0.82493,{"date":332,"score":326,"percentile":333},"2026-01-16",0.82504,{"date":335,"score":326,"percentile":336},"2026-01-17",0.82506,{"date":338,"score":326,"percentile":333},"2026-01-18",{"date":340,"score":326,"percentile":341},"2026-01-19",0.825,{"date":343,"score":326,"percentile":344},"2026-01-20",0.82501,{"date":346,"score":326,"percentile":347},"2026-01-21",0.82507,{"date":349,"score":326,"percentile":350},"2026-01-22",0.82516,{"date":352,"score":326,"percentile":353},"2026-01-23",0.82536,{"date":355,"score":326,"percentile":356},"2026-01-24",0.82542,{"date":358,"score":326,"percentile":359},"2026-01-25",0.82535,{"date":361,"score":326,"percentile":362},"2026-01-26",0.82532,{"date":364,"score":326,"percentile":365},"2026-01-27",0.82529,{"date":367,"score":326,"percentile":368},"2026-01-28",0.8253,{"date":370,"score":326,"percentile":371},"2026-01-29",0.82533,{"date":373,"score":326,"percentile":374},"2026-01-30",0.82539,{"date":376,"score":326,"percentile":377},"2026-01-31",0.82545,{"date":379,"score":326,"percentile":380},"2026-02-01",0.82622,[382],{"source":83,"cvss_v2_0":383,"cvss_v3_0":9,"cvss_v3_1":388,"cvss_v4_0":9},{"baseScore":384,"baseSeverity":9,"vectorString":385,"impactScore":386,"exploitabilityScore":387},6.5,"AV:N/AC:L/Au:S/C:P/I:P/A:P",6.4,8,{"baseScore":81,"baseSeverity":389,"vectorString":84,"impactScore":390,"exploitabilityScore":391},"HIGH",9.8,7.2,[393,403],{"ecosystem":9,"name":394,"vendor":9,"product":394,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":395},"Cacti",[396],{"version":397,"is_range":398,"range_type":399,"version_start":400,"version_start_type":401,"version_end":402,"version_end_type":401,"fixed_in":9},"gte1.2.0_lte1.2.16",true,"cpe","1.2.0","including","1.2.16",{"ecosystem":9,"name":404,"vendor":405,"product":404,"cpe_part":406,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":407},"fedora","fedoraproject","o",[408,410,412],{"version":409,"is_range":52,"range_type":399,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"32",{"version":411,"is_range":52,"range_type":399,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"33",{"version":413,"is_range":52,"range_type":399,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"34"]