CVE-2014-5262 on Ubuntu 16.04 LTS (xenial) - medium.
Description:
SQL injection vulnerability in the graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.