651
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Stored Cross-Site Scripting (XSS) can be achieved by uploading a new Background for a Custom Map. Users with "admin" role c…
|
CWE-79 CWE-116 CWE-434
Cross-site Scripting Improper Encoding or Escaping of Output Unrestricted Upload of File with Dangerous Type
|
CVE-2024-47528
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
652
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Device Dependencies" feature allows authenticated users to inject…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47527
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
653
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Self Cross-Site Scripting (Self-XSS) vulnerability in the "Alert Templates" feature allows users to inject arbitrary Java…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47526
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
654
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Alert Rules" feature allows authenticated users to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47525
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
655
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can create a Device Groups, the application did not properly sanitize the user input in the Device Gro…
|
-
|
CVE-2024-47524
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
656
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Alert Transports" feature allows authenticated users to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47523
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
657
|
- |
|
-
|
-
|
Scriptcase 9.10.023 and before is vulnerable to Remote Code Execution (RCE) via the nm_unzip function.
|
-
|
CVE-2024-46084
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
658
|
- |
|
-
|
-
|
Scriptcase v.9.10.023 and before is vulnerable to Cross Site Scripting (XSS) in nm_cor.php via the form and field parameters.
|
-
|
CVE-2024-46082
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
659
|
9.8 |
CRITICAL
Network
oracle
|
weblogic_server
|
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2018-2628
|
2024-10-4 22:35 |
2018-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
660
|
4.8 |
MEDIUM
Network
|
funnyzpc
|
mee-admin
|
A vulnerability, which was classified as problematic, was found in funnyzpc Mee-Admin up to 1.6. This affects an unknown part of the file /mee/index of the component User Center. The manipulation of …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9279
|
2024-10-4 22:31 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|