Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
librenms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-3561
Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms before 22.10.0.
Librenms Librenms
NA
CVE-2022-3562
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms before 22.10.0.
Librenms Librenms
NA
CVE-2022-4067
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms before 22.10.0.
Librenms Librenms
NA
CVE-2022-4068
A user is able to enable their own account if it was disabled by an admin while the user still holds a valid session. Moreover, the username is not properly sanitized in the admin user overview. This enables an XSS attack that enables an attacker with a low privilege user to exec...
Librenms Librenms
NA
CVE-2022-4069
Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms before 22.10.0.
Librenms Librenms
NA
CVE-2022-4070
Insufficient Session Expiration in GitHub repository librenms/librenms before 22.10.0.
Librenms Librenms
4.3
CVSSv2
CVE-2018-18478
Persistent Cross-Site Scripting (XSS) issues in LibreNMS prior to 1.44 allow remote malicious users to inject arbitrary web script or HTML via the dashboard_name parameter in the /ajax_form.php resource, related to html/includes/forms/add-dashboard.inc.php, html/includes/forms/de...
Librenms Librenms
6.5
CVSSv2
CVE-2019-10669
An issue exists in LibreNMS up to and including 1.47. There is a command injection vulnerability in html/includes/graphs/device/collectd.inc.php where user supplied parameters are filtered with the mysqli_escape_real_string function. This function is not the appropriate function ...
Librenms Librenms
1 EDB exploit
3.5
CVSSv2
CVE-2022-0772
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms before 22.2.2.
Librenms Librenms
3.5
CVSSv2
CVE-2021-31274
In LibreNMS < 21.3.0, a stored XSS vulnerability was identified in the API Access page due to insufficient sanitization of the $api->description variable. As a result, arbitrary Javascript code can get executed.
Librenms Librenms
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »