CVE-2018-20678
CVE-2018-20678 affects LibreNMS (up to 1.47) and describes a SQL injection vulnerability in the html/ajax_table.php sort[hostname] parameter, exploitable by authenticated users during a search. The root cause is insufficient validation/parameter handling of hostname sort input, enabling arbitrary...