6.5
CVSSv2

CVE-2018-20678

Published: 28/03/2019 Updated: 28/03/2019
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 578
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

LibreNMS up to and including 1.47 allows SQL injection via the html/ajax_table.php sort[hostname] parameter, exploitable by authenticated users during a search.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

librenms librenms

Github Repositories

1、说明 该工具主要用于指纹识别后,进行漏洞精准扫描。 2、命令使用 pocscanexe -h //查看帮助 pocscanexe -l //列举可用的检测列表 poccanexe -m smart -f urltxt //通过智能模式识别相应的指纹(目前只针对web指纹识别),进行精准poc插件调用 pocscanexe -m all -f urltxt //通过遍历所有的PoC插件进行漏