Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4 matches found

Circl
Circladded 2018/05/29 3:50 p.m.2 views

CVE-2017-1000479

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/http/pfsenseclickjacking.rb...

8.8CVSS8.6AI score0.18994EPSS
Exploits2References1
CVE
CVEadded 2018/01/03 9:0 p.m.34 views

CVE-2018-5191

CVE-2018-5191 is a reservation duplicate of CVE-2017-1000479 and not a separate vulnerability entry. CVE-2017-1000479 affects pfSense versions 2.4.1 and lower, exposing a clickjacking vulnerability in the CSRF error page that can lead to privileged code execution because the check occurs before a...

8.7AI score
Exploits1
OSV
OSVadded 2018/01/03 6:29 p.m.10 views

CVE-2017-1000479

pfSense versions 2.4.1 and lower are vulnerable to clickjacking attacks in the CSRF error page resulting in privileged execution of arbitrary code, because the error detection occurs before an X-Frame-Options header is set. This is fixed in 2.4.2-RELEASE. OPNsense, a 2015 fork of pfSense, was not...

8.8CVSS8.8AI score
Exploits0References6
Metasploit
Metasploitadded 2017/11/22 10:6 a.m.42 views

Clickjacking Vulnerability In CSRF Error Page pfSense

This module exploits a Clickjacking vulnerability in pfSense 'Clickjacking Vulnerability In CSRF Error Page pfSense', 'Description' = %q This module exploits a Clickjacking vulnerability in pfSense 'Yorick Koster', 'Payload'...

8.8CVSS7.7AI score0.18994EPSS
Exploits2
Rows per page
Query Builder