Lucene search
K

878 matches found

CVE
CVE
added 2014/07/02 10:0 a.m.60 views

CVE-2014-4692

CVE-2014-4692 affects pfSense prior to 2.1.4. The vulnerability is that the session cookie Set-Cookie header is not marked HTTPOnly when using HTTP, enabling potential script access to the cookie and exposure of sensitive data. There is no explicit exploitation detail in the provided documents, a...

4.3CVSS6.2AI score0.02109EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2014/07/02 10:0 a.m.25 views

CVE-2014-4688

pfSense before 2.1.4 allows remote authenticated users to execute arbitrary commands via 1 the hostname value to diagdns.php in a Create Alias action, 2 the smartmonemail value to diagsmart.php, or 3 the database value to statusrrdgraphimg.php...

7AI score0.07029EPSS
Exploits5References2
CVE
CVE
added 2014/07/02 10:0 a.m.49 views

CVE-2014-4694

CVE-2014-4694 refers to multiple XSS vulnerabilities in the pfSense Suricata package, specifically in suricata_select_alias.php. The issue affects Suricata before 1.0.6 for pfSense up through version 2.1.4. The root cause is insufficient input sanitization on unspecified variables, enabling remot...

4.3CVSS5.9AI score0.01661EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2014/07/02 10:0 a.m.102 views

CVE-2014-4688

PfSense

6.5CVSS7.2AI score0.07029EPSS
Exploits5References2Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.9 views

pfSense 2.0.1 - XSS / CSRF / Remote Command Execution

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

pfSense 2.1 build 20130911-1816 - Directory Traversal

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.32 views

PFsense UTM Platform 2.0.1 XSS Vulnerability

No description provided by source. ???????????????????????????????????????????????????????????????????????????????? ? Exploit Title: pfSense = 2.0.1 XSS & CSRF during IPSec XAuth authentication ? Date: 04/01/2013 ? Author: Dimitris Strevinas ? Vendor or Software Link: www.pfsense.org ? Version: =...

7.1AI score
Exploits0
Dsquare
Dsquare
added 2014/04/29 12:0 a.m.159 views

pfSense Snort File Disclosure

File disclosure vulnerability in snortlogview.php Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

7.2AI score
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2014/03/09 12:0 a.m.1 views

ESF pfSense webConfigurator firewall_aliases_edit.php Input Validation Error

An input validation error vulnerability exists in Electric Sheep Fencing pfSense firewall. The vulnerability is due to insufficient validation of user supplied input when processing the addressN parameter in firewallaliasesedit.php. A remote authenticated attacker could exploit this vulnerability...

6.6AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/03/09 12:0 a.m.3 views

ESF pfSense Snort snort_log_view.php Information Disclosure

An information disclosure vulnerability exists in the pfSense Snort service. The vulnerability is due to insufficient validation of user-supplied input. A remote, authenticated attacker could use this vulnerability to retrieve valuable information from the server...

6.1AI score
Exploits0
seebug.org
seebug.org
added 2014/02/07 12:0 a.m.37 views

pfSense 2.1 build 20130911-1816目录遍历漏洞

No description provided by source. Proof of Concept 1 : Arbitrary File Inclusion ====================================================================== GET /snort/snortlogview.php?logfile=/etc/passwd HTTP/1.1 Host: firewall1.pentestlab1:1337 Connection: keep-alive Accept:...

7.1AI score
Exploits0
0day.today
0day.today
added 2014/01/29 12:0 a.m.49 views

pfSense 2.1 build 20130911-1816 - Directory Traversal

pfSense version 2.1 suffers from local file inclusion, privilege escalation, and directory traversal vulnerabilities. | | / | \ | |/ |/ | / | | | | | | | | | | | | | / \ | | | || || | |\ | || | | / | | |/|| ||// \| Exploit Title: pfSense 2.1 Privilege Escalation from less privileged users...

7AI score
Exploits0
exploitpack
exploitpack
added 2014/01/29 12:0 a.m.28 views

pfSense 2.1 build 20130911-1816 - Directory Traversal

pfSense 2.1 build 20130911-1816 - Directory Traversal | | / | \ | |/ |/ | / | | | | | | | | | | | | | / \ | | | || || | |\ | || | | / | | |/|| ||// \| Exploit Title: pfSense 2.1 Privilege Escalation from less privileged users LFI/RCE Date: 25/01/2014 0-day Exploit Author: @u0x Pichaya...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2014/01/29 12:0 a.m.43 views

pfSense 2.1 build 20130911-1816 - Directory Traversal

| | / | \ | |/ |/ | / | | | | | | | | | | | | | / \ | | | || || | |\ | || | | / | | |/|| ||// \| Exploit Title: pfSense 2.1 Privilege Escalation from less privileged users LFI/RCE Date: 25/01/2014 0-day Exploit Author: @u0x Pichaya Morimoto Software Link: www.pfsense.org Category: Local...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2014/01/28 12:0 a.m.44 views

pfSense 2.1 Inclusion / Traversal / Escalation

| | / | \ | |/ |/ | / | | | | | | | | | | | | | / \ | | | || || | |\ | || | | / | | |/|| ||// \| Exploit Title: pfSense 2.1 Privilege Escalation from less privileged users LFI/RCE Date: 25/01/2014 0-day Exploit Author: @u0x Pichaya Morimoto Software Link: www.pfsense.org Category: Local...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2013/12/28 12:0 a.m.12 views

PT-2023-11526 · Suricata +3 · Suricata +3

Name of the Vulnerable Software and Affected Versions: Pfsense version 2.1.3 Pfsense Suricata version 1.4.6 pkg version 1.0.1 Description: A Directory Traversal issue allows a remote attacker to obtain sensitive information via the file parameter to the "suricata/suricata logs browser.php"...

7.5CVSS6.5AI score0.03473EPSS
Exploits1References9
Packet Storm
Packet Storm
added 2013/01/29 12:0 a.m.39 views

PFsense UTM Platform 2.0.1 XSS / CSRF

┴┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┴ │ Exploit Title: pfSense = 2.0.1 XSS & CSRF during IPSec XAuth authentication │ Date: 04/01/2013 │ Author: Dimitris Strevinas │ Vendor or Software Link: www.pfsense.org │ Version: = 2.0.1 │ Category: Semi-Persistent X...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2013/01/29 12:0 a.m.34 views

pfSense UTM Platform 2.0.1 - Cross-Site Scripting

pfSense UTM Platform 2.0.1 - Cross-Site Scripting ┴┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┴ │ Exploit Title: pfSense = 2.0.1 XSS & CSRF during IPSec XAuth authentication │ Date: 04/01/2013 │ Author: Dimitris Strevinas │ Vendor or Software Link: www.pfsense.or...

6.8AI score
Exploits0
0day.today
0day.today
added 2013/01/29 12:0 a.m.36 views

PFsense <= 2.0.1 XSS / CSRF Vulnerabilities

Exploit for freebsd platform in category web applications ┴┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┴ │ Exploit Title: pfSense = 2.0.1 XSS & CSRF during IPSec XAuth authentication │ Date: 04/01/2013 │ Author: Dimitris Strevinas │ Vendor or Software Link:...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2013/01/29 12:0 a.m.42 views

pfSense UTM Platform 2.0.1 - Cross-Site Scripting

┴┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┬┴ │ Exploit Title: pfSense = 2.0.1 XSS & CSRF during IPSec XAuth authentication │ Date: 04/01/2013 │ Author: Dimitris Strevinas │ Vendor or Software Link: www.pfsense.org │ Version: = 2.0.1 │ Category: Semi-Persistent...

7.4AI score
Exploits0
Rows per page
Query Builder