Vulnerabilities > OPT NET

DATE CVE VULNERABILITY TITLE RISK
2019-02-04 CVE-2019-1000024 Cross-site Scripting vulnerability in Opt-Net Ng-Netms 3.3/3.5/3.62
OPT/NET BV NG-NetMS version v3.6-2 and earlier versions contains a Cross Site Scripting (XSS) vulnerability in /js/libs/jstree/demo/filebrowser/index.php page.
network
low complexity
opt-net CWE-79
6.1
2019-02-04 CVE-2019-1000023 SQL Injection vulnerability in Opt-Net Ng-Netms 3.3/3.5/3.62
OPT/NET BV OPTOSS Next Gen Network Management System (NG-NetMS) version v3.6-2 and earlier versions contains a SQL Injection vulnerability in Identified vulnerable parameters: id, id_access_type and id_attr_access that can result in a malicious attacker can include own SQL commands which database will execute.
network
low complexity
opt-net CWE-89
critical
9.8