SQL injection and shell escaping issues were discovered and fixed in cacti . The updated packages have been upgraded to the 0.8.8b version which is not vulnerable to these issues.