Librenms

Librenms

101 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2024-49759

Exploit
  • EPSS 0.4%
  • Veröffentlicht 15.11.2024 16:15:35
  • Zuletzt bearbeitet 20.11.2024 14:40:17

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Manage User Access" page allows authenticated users to inject arbitrary JavaScript through the "bill_name" parameter...

5.4

CVE-2024-49764

Exploit
  • EPSS 0.67%
  • Veröffentlicht 15.11.2024 16:15:35
  • Zuletzt bearbeitet 20.11.2024 14:40:02

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Capture Debug Information" page allows authenticated users to inject arbitrary JavaScript through the "hostname" par...

5.4

CVE-2024-50350

Exploit
  • EPSS 0.69%
  • Veröffentlicht 15.11.2024 16:15:35
  • Zuletzt bearbeitet 20.11.2024 14:39:51

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Port Settings" page allows authenticated users to inject arbitrary JavaScript through the "name" parameter when crea...

5.4

CVE-2024-50351

Exploit
  • EPSS 0.79%
  • Veröffentlicht 15.11.2024 16:15:35
  • Zuletzt bearbeitet 21.11.2024 23:37:56

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Reflected Cross-Site Scripting (XSS) vulnerability in the "section" parameter of the "logs" tab of a device allows attackers to inject arbitrary JavaScript. This vulnerabil...

5.4

CVE-2024-50352

Exploit
  • EPSS 10.33%
  • Veröffentlicht 15.11.2024 16:15:35
  • Zuletzt bearbeitet 20.11.2024 14:37:42

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Services" section of the Device Overview page allows authenticated users to inject arbitrary JavaScript through the ...

5.4

CVE-2024-49754

Exploit
  • EPSS 8.59%
  • Veröffentlicht 15.11.2024 16:15:34
  • Zuletzt bearbeitet 20.11.2024 15:02:42

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the API-Access page allows authenticated users to inject arbitrary JavaScript through the "token" parameter when creating...

4.8

CVE-2024-49758

Exploit
  • EPSS 0.06%
  • Veröffentlicht 15.11.2024 16:15:34
  • Zuletzt bearbeitet 20.11.2024 14:40:36

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can add Notes to a device, the application did not properly sanitize the user input, when the ExamplePlugin enable, if java script code is inside the dev...

4.8

CVE-2024-47528

Exploit
  • EPSS 0.41%
  • Veröffentlicht 01.10.2024 21:15:08
  • Zuletzt bearbeitet 19.12.2024 21:15:08

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Stored Cross-Site Scripting (XSS) can be achieved by uploading a new Background for a Custom Map. Users with "admin" role can set background for a custom map, this allow the ...

5.4

CVE-2024-47523

Exploit
  • EPSS 0.38%
  • Veröffentlicht 01.10.2024 21:15:07
  • Zuletzt bearbeitet 07.10.2024 19:07:30

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Alert Transports" feature allows authenticated users to inject arbitrary JavaScript through the "Details" section (w...

4.8

CVE-2024-47524

Exploit
  • EPSS 0.04%
  • Veröffentlicht 01.10.2024 21:15:07
  • Zuletzt bearbeitet 19.12.2024 15:43:50

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can create a Device Groups, the application did not properly sanitize the user input in the Device Groups name, when user see the detail of the Device Gr...