Vulnerabilities for Librenms (...) - CXSECURITY.COM

Vulnerabilities for 'Librenms'

2022-06-02

CVE-2022-29711

CWE-79

LibreNMS v22.3.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /Table/GraylogController.php.

CVE-2022-29712

CWE-77

LibreNMS v22.3.0 was discovered to contain multiple command injection vulnerabilities via the service_ip, hostname, and service_param parameters.

2022-02-27

CVE-2022-0772

CWE-79

Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.2.2.

2022-02-15

CVE-2022-0587

CWE-285

Improper Authorization in Packagist librenms/librenms prior to 22.2.0.

CVE-2022-0588

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor in Packagist librenms/librenms prior to 22.2.0.

CVE-2022-0589

CWE-79

Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.1.0.

2021-12-03

CVE-2021-44278

CWE-22

Librenms 21.11.0 is affected by a path manipulation vulnerability in includes/html/pages/device/showconfig.inc.php.

2021-12-01

CVE-2021-44277

CWE-79

Librenms 21.11.0 is affected by a Cross Site Scripting (XSS) vulnerability in includes/html/common/alert-log.inc.php.

CVE-2021-44279

CWE-79

Librenms 21.11.0 is affected by a Cross Site Scripting (XSS) vulnerability in includes/html/forms/poller-groups.inc.php.

2021-11-03

CVE-2021-43324

CWE-79

LibreNMS through 21.10.2 allows XSS via a widget title.

Copyright 2024, cxsecurity.com