RSS   Vulnerabilities for 'Librenms'   RSS

2022-06-02
 
CVE-2022-29711

CWE-79
 

 
LibreNMS v22.3.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /Table/GraylogController.php.

 
 
CVE-2022-29712

CWE-77
 

 
LibreNMS v22.3.0 was discovered to contain multiple command injection vulnerabilities via the service_ip, hostname, and service_param parameters.

 
2022-02-27
 
CVE-2022-0772

CWE-79
 

 
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.2.2.

 
2022-02-15
 
CVE-2022-0587

CWE-285
 

 
Improper Authorization in Packagist librenms/librenms prior to 22.2.0.

 
 
CVE-2022-0588

CWE-200
 

 
Exposure of Sensitive Information to an Unauthorized Actor in Packagist librenms/librenms prior to 22.2.0.

 
 
CVE-2022-0589

CWE-79
 

 
Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.1.0.

 
2021-12-03
 
CVE-2021-44278

CWE-22
 

 
Librenms 21.11.0 is affected by a path manipulation vulnerability in includes/html/pages/device/showconfig.inc.php.

 
2021-12-01
 
CVE-2021-44277

CWE-79
 

 
Librenms 21.11.0 is affected by a Cross Site Scripting (XSS) vulnerability in includes/html/common/alert-log.inc.php.

 
 
CVE-2021-44279

CWE-79
 

 
Librenms 21.11.0 is affected by a Cross Site Scripting (XSS) vulnerability in includes/html/forms/poller-groups.inc.php.

 
2021-11-03
 
CVE-2021-43324

CWE-79
 

 
LibreNMS through 21.10.2 allows XSS via a widget title.

 


Copyright 2022, cxsecurity.com

 

Back to Top