Bounties
Partners
Community
Info
librenms / librenms
Project repository
Community-based GPL-licensed network monitoring system
Submit a report
FIRST INTERACTION
WITHIN
1 DAY
REVIEW
WITHIN
46 DAYS
FIX
WITHIN
76 DAYS
Time-Based Blind SQL injection leads to database extraction
Oct 16th 2023
nishaaaap
•
High
High
•
CVE-2023-5591
CVE-2023-5591
Rate limit Bypass on login page
Oct 6th 2023
sospiro014
•
informative
Medium
Dom XSS in module "Search IPv6"
Sep 19th 2023
trunggg02
•
High
High
•
CVE-2023-5060
CVE-2023-5060
Cookie without Secure flag
Oct 6th 2023
nyeooo
•
not applicable
DOM XSS at index FBD Table
Sep 15th 2023
hainguyen0207
•
Critical
Critical
•
CVE-2023-4982
CVE-2023-4982
Dom XSS in module "Search IPv4"
Sep 15th 2023
trunggg02
•
Critical
Critical
•
CVE-2023-4978
CVE-2023-4978
DOM XSS in https://demo.librenms.org/ports
Sep 15th 2023
hainguyen0207
•
High
High
•
CVE-2023-4980
CVE-2023-4980
DOM XSS in https://demo.librenms.org/eventlog
Sep 15th 2023
hainguyen0207
•
High
High
•
CVE-2023-4981
CVE-2023-4981
HTML Injection
Sep 15th 2023
hainguyen0207
•
High
High
•
CVE-2023-4977
CVE-2023-4977
DOM XSS in https://demo.librenms.org/outages
Sep 15th 2023
hainguyen0207
•
High
High
•
CVE-2023-4979
CVE-2023-4979
Stored xss has been found in /addhost
Sep 14th 2023
aymenborgi1
•
not applicable
Reflected XSS
Aug 15th 2023
mike993
•
High
High
•
CVE-2023-4347
CVE-2023-4347
SNMP location XSS vulnerability
Aug 15th 2023
zluudg
•
Medium
Medium
Stored XSS on Notifications
Jan 2nd 2023
seifallahhomrani1
•
self closed
HTML injection possible via LLDP
Sep 15th 2023
zluudg
•
High
High
Stored XSS on Dashboard
Jan 30th 2023
mike993
•
self closed
Unauthenticated, Stored XSS to RCE via SNMP Trap
Jan 24th 2023
stefan-schiller-sonarsource
•
High
High
Stored Cross-Site Scripting (XSS)
Sep 15th 2023
vautia
•
Medium
Medium
Deserialization of arbitrary data leads to RCE
Nov 20th 2022
hordalex
•
Critical
Critical
•
CVE-2022-3525
CVE-2022-3525
Stored XSS in Notifications
Nov 20th 2022
filipkania
•
Medium
Medium
•
CVE-2022-3516
CVE-2022-3516
Mass Assignment leads to Stored XSS
Nov 20th 2022
vautia
•
High
High
•
CVE-2022-4068
CVE-2022-4068
Insufficient Session Expiration
Nov 20th 2022
vautia
•
Low
Low
•
CVE-2022-4070
CVE-2022-4070
Stored Cross-Site Scripting (XSS)
Nov 20th 2022
vautia
•
Low
Low
•
CVE-2022-4069
CVE-2022-4069
Stored Cross-Site Scripting (XSS)
Nov 20th 2022
vautia
•
Low
Low
•
CVE-2022-4067
CVE-2022-4067
Stored Cross-Site Scripting (XSS) on Schedule Maintenance "Title" parameter
Sep 16th 2022
saitamang
•
Medium
Medium
•
CVE-2022-3231
CVE-2022-3231
librenms alert-rules Stored XSS
Nov 20th 2022
dnr6419
•
Medium
Medium
•
CVE-2022-3561
CVE-2022-3561
librenms bills Description & Notes Stored XSS
Nov 20th 2022
dnr6419
•
Medium
Medium
•
CVE-2022-3562
CVE-2022-3562
Cross-site Scripting (XSS) - Stored
Feb 27th 2022
ribersec
•
Medium
Medium
•
CVE-2022-0772
CVE-2022-0772
Cross-site Scripting (XSS) - Stored
Feb 14th 2022
faisalfs10x
•
Medium
•
$15
Medium
•
$15
•
CVE-2022-0589
CVE-2022-0589
Improper Authorization
Feb 14th 2022
faisalfs10x
•
High
•
$30
High
•
$30
•
CVE-2022-0587
CVE-2022-0587
Exposure of Sensitive Information to an Unauthorized Actor
Feb 14th 2022
faisalfs10x
•
High
•
$30
High
•
$30
•
CVE-2022-0588
CVE-2022-0588
Improper Access Control
Feb 14th 2022
faisalfs10x
•
High
•
$36
High
•
$36
•
CVE-2022-0580
CVE-2022-0580
Cross-site Scripting (XSS) - Generic
Feb 13th 2022
faisalfs10x
•
Medium
•
$15
Medium
•
$15
•
CVE-2022-0576
CVE-2022-0576
Cross-site Scripting (XSS) - Stored
Feb 13th 2022
faisalfs10x
•
Medium
•
$15
Medium
•
$15
•
CVE-2022-0575
CVE-2022-0575
CRITICAL
$0
HIGH
$0
MEDIUM
$0
LOW
$0
