7 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-5473
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site request forgery CSRF vulnerability in ntopng through 2.4 allows remote attackers to hijack the authentication of arbitrary users, as demonstrated by...
NTOPNG 2.4 Web Interface - Cross-Site Request Forgery
NTOPNG 2.4 Web Interface - Cross-Site Request Forgery + + Credits / Discovery: John Page AKA Hyp3rlinX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NTOPNG-CSRF-TOKEN-BYPASS.txt + ISR: ApparitionSEC + Vendor: ============ www.ntop.org Product:...
ntopng Web Interface 2.4.160627 Cross Site Request Forgery
Credits / Discovery: John Page AKA Hyp3rlinX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NTOPNG-CSRF-TOKEN-BYPASS.txt + ISR: ApparitionSEC + Vendor: ============ www.ntop.org Product: ==================== ntopng Web Interface v2.4.160627 ntopng is...
CVE-2017-5473
Cross-site request forgery CSRF vulnerability in ntopng through 2.4 allows remote attackers to hijack the authentication of arbitrary users, as demonstrated by admin/adduser.lua, admin/changeuserprefs.lua, admin/deleteuser.lua, and admin/passwordreset.lua...
CVE-2017-5473
Cross-site request forgery CSRF vulnerability in ntopng through 2.4 allows remote attackers to hijack the authentication of arbitrary users, as demonstrated by admin/adduser.lua, admin/changeuserprefs.lua, admin/deleteuser.lua, and admin/passwordreset.lua...
CVE-2017-5473
ntopng Web Interface (ntopng)
CVE-2017-5473
Removed by vendor...