Cross-site scripting (XSS) vulnerability in ntop allows remote attackers to inject arbitrary web script or HTML via the title parameter in a list action to plugins/rrdPlugin.
Max CVSS
4.3
EPSS Score
0.38%
Published
2014-06-16
Updated
2018-10-30
The checkHTTPpassword function in http.c in ntop 3.3.10 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an Authorization HTTP header that lacks a : (colon) character in the base64-decoded string.
Max CVSS
5.0
EPSS Score
6.31%
Published
2009-08-21
Updated
2018-10-10
2 vulnerabilities found