Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
librenms librenms vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-3231
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms before 22.9.0.
Librenms Librenms
6.1
CVSSv3
CVE-2021-43324
LibreNMS up to and including 21.10.2 allows XSS via a widget title.
Librenms Librenms
1 Github repository
9.8
CVSSv3
CVE-2022-4070
Insufficient Session Expiration in GitHub repository librenms/librenms before 22.10.0.
Librenms Librenms
8.8
CVSSv3
CVE-2018-20678
LibreNMS up to and including 1.47 allows SQL injection via the html/ajax_table.php sort[hostname] parameter, exploitable by authenticated users during a search.
Librenms Librenms
8.8
CVSSv3
CVE-2019-12463
An issue exists in LibreNMS 1.50.1. The scripts that handle graphing options (includes/html/graphs/common.inc.php and includes/html/graphs/graphs.inc.php) do not sufficiently validate or encode several fields of user supplied input. Some parameters are filtered with mysqli_real_e...
Librenms Librenms
8.8
CVSSv3
CVE-2020-35700
A second-order SQL injection issue in Widgets/TopDevicesController.php (aka the Top Devices dashboard widget) of LibreNMS prior to 21.1.0 allows remote authenticated malicious users to execute arbitrary SQL commands via the sort_order parameter against the /ajax/form/widget-setti...
Librenms Librenms
6.1
CVSSv3
CVE-2022-3561
Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms before 22.10.0.
Librenms Librenms
5.4
CVSSv3
CVE-2022-3562
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms before 22.10.0.
Librenms Librenms
5.4
CVSSv3
CVE-2023-4977
Code Injection in GitHub repository librenms/librenms before 23.9.0.
Librenms Librenms
6.1
CVSSv3
CVE-2022-3516
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms before 22.10.0.
Librenms Librenms
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »