Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Huntr
Huntradded 2022/02/12 10:13 p.m.25 views

Improper Access Control in librenms/librenms

Description Improper Access Control vulnerability in LibreNMS v22.1.0 allows attackers with the normal role/level to interact with port-groups functionality such as create, edit/modify and delete the existing port group. The port-groups functionality fails to enforce policy such that normal users...

6.5CVSS7.6AI score0.00002EPSS
Exploits1
Huntr
Huntradded 2022/02/12 9:28 p.m.28 views

Cross-site Scripting (XSS) - Generic in librenms/librenms

Description Cross-Site Scripting vulnerability in LibreNMS v22.1.0 which allows attackers to execute arbitrary javascript code which affected Alerts module Alert Transport in Transport name field. Proof of Concept Endpoint: 1 POST http://HOST/ajaxform.php - Parameter name Payload: ' XSS will...

4.3CVSS0.2AI score0.00006EPSS
Exploits1
Huntr
Huntradded 2022/02/12 7:20 p.m.21 views

Cross-site Scripting (XSS) - Stored in librenms/librenms

Description Cross-Site Scripting vulnerability in LibreNMS v22.1.0 which allows attackers to execute arbitrary javascript code in the browser of a victim which affected Devices module Add Device in sysName, Hardware and Community fields. Proof of Concept Endpoint: 1 POST http://HOST/addhost...

3.5CVSS0.2AI score0.00026EPSS
Exploits1
Rows per page
Query Builder