Lucene search
+L

2786 matches found

OSV
OSV
added 2025/12/09 4:17 p.m.4 views

CVE-2025-41751

An XSS vulnerability in pxcportCntr.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS5.8AI score0.08549EPSS
Exploits0References1
NVD
NVD
added 2025/12/09 4:17 p.m.9 views

CVE-2025-41751

An XSS vulnerability in pxcportCntr.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS0.08549EPSS
Exploits0References1
NVD
NVD
added 2025/12/09 4:17 p.m.6 views

CVE-2025-41749

An XSS vulnerability in portutil.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS0.00569EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 4:17 p.m.4 views

CVE-2025-41747

An XSS vulnerability in pxcvlanIntfCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to...

7.1CVSS5.9AI score0.08549EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 4:17 p.m.5 views

CVE-2025-41745

An XSS vulnerability in pxcportCntr2.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-leve...

7.1CVSS5.8AI score0.00569EPSS
Exploits0References1
NVD
NVD
added 2025/12/09 4:17 p.m.10 views

CVE-2025-41746

An XSS vulnerability in pxcportSecCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-lev...

7.1CVSS0.08549EPSS
Exploits0References1
NVD
NVD
added 2025/12/09 4:17 p.m.7 views

CVE-2025-41747

An XSS vulnerability in pxcvlanIntfCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to...

7.1CVSS0.08549EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 4:17 p.m.4 views

CVE-2025-41695

An XSS vulnerability in dynconn.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS5.8AI score0.00576EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/09 8:10 a.m.5 views

CVE-2025-41695 Reflected XSS vulnerability in dyn_conn.php

An XSS vulnerability in dynconn.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS5.9AI score0.00576EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 8:9 a.m.29 views

CVE-2025-41746 Reflected XSS vulnerability in pxc_portSecCfg.php

An XSS vulnerability in pxcportSecCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-lev...

7.1CVSS0.08549EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 8:9 a.m.17 views

CVE-2025-41746

CVE-2025-41746 is a reflected XSS vulnerability in pxc_portSecCfg.php (pxc_portSecCfg.php/pxc portSecCfg.php as reported) that an unauthenticated attacker could leverage to induce an authenticated user to submit a manipulated POST request to change device configuration via the web UI. The issue i...

7.1CVSS5.9AI score0.08549EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/09 8:9 a.m.35 views

CVE-2025-41747 Reflected XSS vulnerability in pxc_vlanIntfCfg.php

An XSS vulnerability in pxcvlanIntfCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST request to the device in order to change parameters available via web based management WBM. The vulnerability does not provide access to...

7.1CVSS0.08549EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 8:9 a.m.15 views

CVE-2025-41748

Summary (CVE-2025-41748): A reflected XSS vulnerability in the web application module pxc_Dot1xCfg.php allows an unauthenticated attacker to trick an authenticated user into clicking a malicious link that changes device configuration parameters via the web-based management interface (WBM). The im...

7.1CVSS5.9AI score0.08549EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/09 8:9 a.m.4 views

CVE-2025-41748 Reflected XSS vulnerability in pxc_Dot1xCfg.php

An XSS vulnerability in pxcDot1xCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS5.9AI score0.08549EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/09 8:8 a.m.4 views

CVE-2025-41749 Reflected XSS vulnerability in port_util.php

An XSS vulnerability in portutil.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS5.9AI score0.00569EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 8:7 a.m.25 views

CVE-2025-41751 Reflected XSS vulnerability in pxc_portCntr.php

An XSS vulnerability in pxcportCntr.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS0.08549EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 8:7 a.m.14 views

CVE-2025-41751

CVE-2025-41751 describes a reflected XSS in pxc_portCntr.php that permits an unauthenticated remote attacker to trick an authenticated user into clicking a link to modify device configuration through the web-based management interface. The vulnerability affects parameters exposed in the WBM conte...

7.1CVSS5.9AI score0.08549EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/12/09 8:7 a.m.14 views

CVE-2025-41752

CVE-2025-41752 describes a reflected XSS in pxc_portSfp.php that can be exploited by an unauthenticated attacker to entice an authenticated user to click a malicious link and modify device configuration via web-based management. The vulnerability is reported as affecting PHOENIX CONTACT FL SWITCH...

7.1CVSS5.9AI score0.08549EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/09 8:7 a.m.29 views

CVE-2025-41752 Reflected XSS vulnerability in pxc_portSfp.php

An XSS vulnerability in pxcportSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS0.08549EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.9 views

PT-2025-49823

An XSS vulnerability in pxc portSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided by the attacker in order to change parameters available via web based management WBM. The vulnerability does not provide access to system-level...

7.1CVSS6.3AI score0.08549EPSS
Exploits0References1
Rows per page
Query Builder