CVE-2020-23588

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OPV3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to "Enable or Disable Ports" and to "Change port number" through " /rmtacc.asp "...

EUVD-2024-3206

Malicious code in bioql PyPI...

CVE-2025-54497

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations such as firmware upgrades and device reboots, which require authentication. A user with protected privileges can successfully invoke the SetSerialPort functionality to...

CVE-2025-54497 Cognex In-Sight Explorer and In-Sight Camera Firmware Incorrect Permission Assignment for Critical Resource

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations such as firmware upgrades and device reboots, which require authentication. A user with protected privileges can successfully invoke the SetSerialPort functionality to...

Cross-Site Scripting (XSS)

librenms/librenms is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper input sanitization of the "name" parameter on the "Port Settings" page, allowing an attacker to inject arbitrary JavaScript, which executes when the page is accessed, potentially compromising user...

Cross Site Scripting (XSS)

librenms/librenms is vulnerable to Stored Cross-Site Scripting XSS. The vulnerability is due to improper input sanitization in the "descr" parameter on the "Port Settings" page, allowing authenticated users to inject arbitrary JavaScript...

CVE-2024-51494

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Port Settings" page allows authenticated users to inject arbitrary JavaScript through the "descr" parameter when editing a device's port settings. This vulnerability...

CVE-2024-50350

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Port Settings" page allows authenticated users to inject arbitrary JavaScript through the "name" parameter when creating a new Port Group. This vulnerability results...

CVE-2024-51494 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Port Settings" page allows authenticated users to inject arbitrary JavaScript through the "descr" parameter when editing a device's port settings. This vulnerability...

CVE-2024-51494

CVE-2024-51494 – Stored XSS in LibreNMS A stored Cross-Site Scripting vulnerability exists in LibreNMS (librenms/librenms) on the Port Settings page. The XSS is triggered via the descr parameter when editing a device port, allowing an authenticated attacker to inject JavaScript that can execute i...

CVE-2024-51494 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Port Settings" page allows authenticated users to inject arbitrary JavaScript through the "descr" parameter when editing a device's port settings. This vulnerability...

LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php

Summary A Stored Cross-Site Scripting XSS vulnerability in the "Port Settings" page allows authenticated users to inject arbitrary JavaScript through the "descr" parameter when editing a device's port settings. This vulnerability can lead to the execution of malicious code when the "Port Settings...

GHSA-7663-37RG-C377 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php

Summary A Stored Cross-Site Scripting XSS vulnerability in the "Port Settings" page allows authenticated users to inject arbitrary JavaScript through the "descr" parameter when editing a device's port settings. This vulnerability can lead to the execution of malicious code when the "Port Settings...

CVE-2024-50350 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Port Settings" page allows authenticated users to inject arbitrary JavaScript through the "name" parameter when creating a new Port Group. This vulnerability results...

CVE-2024-50350 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Port Settings" page allows authenticated users to inject arbitrary JavaScript through the "name" parameter when creating a new Port Group. This vulnerability results...

CVE-2024-50350 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Port Settings" page allows authenticated users to inject arbitrary JavaScript through the "name" parameter when creating a new Port Group. This vulnerability results...

CVE-2024-50350

LibreNMS exposes a Stored XSS in Port Settings when creating a Port Group via EditPortsController.php. An authenticated user can inject JavaScript into the name field, which executes when the Port Settings page is revisited after the Port Group is added to a device. Impact includes potential sess...

LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php

Summary A Stored Cross-Site Scripting XSS vulnerability in the "Port Settings" page allows authenticated users to inject arbitrary JavaScript through the "name" parameter when creating a new Port Group. This vulnerability results in the execution of malicious code when the "Port Settings" page is...

LibreNMS 跨站脚本漏洞

LibreNMS is an open source network monitoring system based on PHP and MySQL from the LibreNMS community. The system features customizable alerts, auto-discovery of network environments, and automatic updates. LibreNMS suffers from a cross-site scripting vulnerability that stems from a stored...

PT-2024-34658 · Librenms · Librenms

Name of the Vulnerable Software and Affected Versions: LibreNMS versions prior to 24.10.0 Description: A Stored Cross-Site Scripting XSS vulnerability in the "Port Settings" page allows authenticated users to inject arbitrary JavaScript through the descr parameter when editing a device's port...