Lucene search
K

21 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

F5 FirePass 4100 SSL VPN Download_Plugin.PHP3 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26412/info F5 FirePass 4100 SSL VPN devices are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script cod...

7.1AI score
Exploits0
Prion
Prion
added 2008/04/30 4:17 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in installControl.php3 in F5 FirePass 4100 SSL VPN 5.4.2-5.5.2 and 6.0-6.2 allows remote attackers to inject arbitrary web script or HTML via the query string. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

4.3CVSS6AI score0.01452EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2008/04/30 4:17 p.m.16 views

CVE-2008-2030

Cross-site scripting XSS vulnerability in installControl.php3 in F5 FirePass 4100 SSL VPN 5.4.2-5.5.2 and 6.0-6.2 allows remote attackers to inject arbitrary web script or HTML via the query string. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

4.3CVSS5.6AI score0.01452EPSS
Exploits1References4
Cvelist
Cvelist
added 2008/04/30 3:0 p.m.21 views

CVE-2008-2030

Cross-site scripting XSS vulnerability in installControl.php3 in F5 FirePass 4100 SSL VPN 5.4.2-5.5.2 and 6.0-6.2 allows remote attackers to inject arbitrary web script or HTML via the query string. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

5.6AI score0.01452EPSS
Exploits1References4
seebug.org
seebug.org
added 2008/04/30 12:0 a.m.17 views

F5 FirePass 4100 SSL VPN设备installControl.php3跨站脚本漏洞

BUGTRAQ ID: 28902 F5 FirePass SSL VPN设备允许用户安全的连接到关键业务应用设备上。 FirePass没有正确地过滤对installControl.php3脚本所传送的URL便返回给了用户,这允许攻击者通过跨站脚本攻击导致在用户浏览器会话中执行任意HTML和脚本代码。 F5 FirePass 4100 F5 -- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.f5.com/...

6.9AI score
Exploits0
Prion
Prion
added 2008/03/05 11:44 p.m.17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbitrary web script or HTML via the query string to 1 my.activation.php3 and 2 my.logon.php3...

2.6CVSS6.1AI score0.05923EPSS
Exploits1References15Affected Software1
CVE
CVE
added 2008/03/05 11:0 p.m.67 views

CVE-2007-6704

CVE-2007-6704 is a cross-site scripting vulnerability affecting F5 FirePass SSL VPN 4100/5.x and 6.0.x when pre-logon sequences are enabled. The issue allows remote attackers to inject script via the query string to my.activation.php3 or my.logon.php3. FirePass 6.0.2 fixes the issue; hotfixes HF-...

2.6CVSS5.8AI score0.05923EPSS
Exploits1References15Affected Software1
Cvelist
Cvelist
added 2008/03/05 11:0 p.m.22 views

CVE-2007-6704

Multiple cross-site scripting XSS vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbitrary web script or HTML via the query string to 1 my.activation.php3 and 2 my.logon.php3...

5.8AI score0.05923EPSS
Exploits1References15
Packet Storm
Packet Storm
added 2007/12/02 12:0 a.m.29 views

ProCheckUp Security Advisory 2007.15

PR07-15: Cross-site Scripting XSS / HTML injection on F5 FirePass 4100 SSL VPN 'my.logon.php3' server-side script Date Found: 19th June 2007 Successfully tested on: version 5.5.2 F5 Networks has confirmed the following versions to be vulnerable: FirePass versions 5.4.1 - 5.5.2 FirePass versions 6...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2007/12/02 12:0 a.m.24 views

ProCheckUp Security Advisory 2007.14

PR07-14: Cross-site Scripting XSS / HTML injection on F5 FirePass 4100 SSL VPN 'my.activation.php3' server-side script Date Found: 19th June 2007 Successfully tested on: version 5.5.2 F5 Networks has confirmed the following versions to be vulnerable: FirePass versions 5.4.1 - 5.5.2 FirePass...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2007/11/30 12:0 a.m.55 views

PR07-14: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.activation.php3' server-side script

PR07-14: Cross-site Scripting XSS / HTML injection on F5 FirePass 4100 SSL VPN 'my.activation.php3' server-side script Date Found: 19th June 2007 Successfully tested on: version 5.5.2 F5 Networks has confirmed the following versions to be vulnerable: FirePass versions 5.4.1 - 5.5.2 FirePass...

6.3AI score
Exploits0
securityvulns
securityvulns
added 2007/11/30 12:0 a.m.38 views

PR07-15: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.logon.php3' server-side script

PR07-15: Cross-site Scripting XSS / HTML injection on F5 FirePass 4100 SSL VPN 'my.logon.php3' server-side script Date Found: 19th June 2007 Successfully tested on: version 5.5.2 F5 Networks has confirmed the following versions to be vulnerable: FirePass versions 5.4.1 - 5.5.2 FirePass versions 6...

6.2AI score
Exploits0
exploitpack
exploitpack
added 2007/11/12 12:0 a.m.18 views

F5 FirePass 4100 SSL VPN - Download_Plugin.php3 Cross-Site Scripting

F5 FirePass 4100 SSL VPN - DownloadPlugin.php3 Cross-Site Scripting source: https://www.securityfocus.com/bid/26412/info F5 FirePass 4100 SSL VPN devices are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this iss...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2007/11/12 12:0 a.m.44 views

F5 FirePass 4100 SSL VPN - 'Download_Plugin.php3' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26412/info F5 FirePass 4100 SSL VPN devices are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspectin...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2007/06/07 12:0 a.m.24 views

F5 FirePass 4100 SSL VPN My.Activiation.PHP3远程命令注入漏洞

F5's FirePass SSL VPN提供使用标准WEB浏览器对应用程序和数据进行安全访问的解决方案。 F5 FirePass 4100不正确过滤用户提交的输入,远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'my.activation.php3'脚本对用户提交的'username'参数缺少过滤,在部分条件下允许用户注入Linux SHELL命令,导致以WEB权限执行。 F5 FirePass 4100 厂商解决方案 可参考如下安全公告获得补丁信息: https://tech.f5.com/home/solutions/sol167.html...

7AI score
Exploits0
Prion
Prion
added 2007/06/06 10:30 p.m.19 views

Design/Logic Flaw

my.activation.php3 in F5 FirePass 4100 SSL VPN allows remote attackers to execute arbitrary shell commands via shell metacharacters in the username parameter...

7.5CVSS8.2AI score0.02204EPSS
Exploits0References8
NVD
NVD
added 2007/06/06 10:30 p.m.26 views

CVE-2007-3097

my.activation.php3 in F5 FirePass 4100 SSL VPN allows remote attackers to execute arbitrary shell commands via shell metacharacters in the username parameter...

7.5CVSS7.6AI score0.02204EPSS
Exploits0References8
securityvulns
securityvulns
added 2006/07/04 12:0 a.m.36 views

F5 FirePass 4100 security appliance crossite scripting

No description provided...

2.1AI score
Exploits0References1Affected Software1
Prion
Prion
added 2006/03/22 2:2 a.m.21 views

Cross site scripting

Cross-site scripting XSS vulnerability in my.support.php3 in F5 Firepass 4100 SSL VPN 5.4.2 allows remote attackers to inject arbitrary web script or HTML via the s parameter...

4.3CVSS6.1AI score0.01937EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2006/03/22 2:0 a.m.25 views

CVE-2006-1357

Cross-site scripting XSS vulnerability in my.support.php3 in F5 Firepass 4100 SSL VPN 5.4.2 allows remote attackers to inject arbitrary web script or HTML via the s parameter...

5.7AI score0.01937EPSS
Exploits1References7
Rows per page
Query Builder