SQL Injection Vulnerability in LibreNMS 1.47: Exploitable via html/ajax_table.php sort[hostname] Parameter
CVE-2018-20678 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
LibreNMS through 1.47 allows SQL injection via the html/ajax_table.php sort[hostname] parameter, exploitable by authenticated users during a search.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.