Vulnerabilities (CVE)

Filtered by vendor Ntop Subscribe

Filtered by product Ntopng

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2014-5464	1 Ntop	1 Ntopng	2018-10-09	4.3 MEDIUM	N/A
Cross-site scripting (XSS) vulnerability in the nDPI traffic classification library in ntopng (aka ntop) before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host header.
CVE-2014-4329	1 Ntop	1 Ntopng	2017-08-29	4.3 MEDIUM	N/A
Cross-site scripting (XSS) vulnerability in lua/host_details.lua in ntopng 1.1 allows remote attackers to inject arbitrary web script or HTML via the host parameter.
CVE-2015-8368	1 Ntop	1 Ntopng	2015-12-18	6.0 MEDIUM	N/A
ntopng (aka ntop) before 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua.