> In ports we have Cacti 0.8.8a. > According to 0.8.8b release notes > (http://www.cacti.net/release_notes_0_8_8b.php), "multiple ... SQL > injection vulnerabilities" were fixed in that release. > Portaudit doesn't bring up any warning. I just send a PR to update the vuxml database ( ports/181606 )