Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
- Snyk ID SNYK-PHP-LIBRENMSLIBRENMS-5969526
- published 16 Oct 2023
- disclosed 16 Oct 2023
- credit Nisha Thakur
How to fix?
A fix was pushed into the
master branch but not yet published.
librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support.
Affected versions of this package are vulnerable to SQL Injection due to the improper neutralisation of special elements used in
address-search.inc.php file. An attacker can manipulate the SQL query to gain unauthorised access to data by injecting malicious SQL code.