Lucene search
K

21 matches found

F5 Networks
F5 Networks
added 2023/02/21 7:41 p.m.71 views

K13993: Cross-site URL redirection attack vulnerability CVE-2009-4017

Security Advisory Description F5 FirePass SSL VPN contains a flaw that allows a remote cross-site redirection attack. This flaw exists because the application does not validate the refreshURL parameter upon submission to the my.activation.cns.php3 script. As a result, a user could create a URL...

5CVSS4.8AI score0.12041EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 7:0 p.m.17 views

K14046: FirePass input validation vulnerability

Security Advisory Description F5 FirePass SSL VPN contains an input validation vulnerability that may allow a remote attacker to compromise the FirePass controller. Impact An attacker may be able to exploit the vulnerability and retrieve arbitrary files, perform Denial of Service attacks, or...

7.3AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.9 views

FirePass SSL VPN Unauthenticated Local File Inclusion

No description provided by source...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2012/12/09 12:0 a.m.53 views

SEC Consult SA-20121203-0 :: F5 FirePass SSL VPN Unauthenticated local file inclusion

SEC Consult Vulnerability Lab Security Advisory 20121203-0 ======================================================================= title: Unauthenticated local file inclusion product: F5 FirePass SSL VPN vulnerable version: = 7.0.0 HF-70-6 fixed version: 7.0.0 HF-70-7 impact: Critical homepage:...

7.3AI score
Exploits0
Packet Storm
Packet Storm
added 2012/12/04 12:0 a.m.35 views

F5 FirePass SSL VPN 7.0.0 HF-70-6 Local File Inclusion

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated local file inclusion product: F5 FirePass SSL VPN vulnerable version: = 7.0.0 HF-70-6 fixed version: 7.0.0 HF-70-7 impact: Critical homepage:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2012/12/03 12:0 a.m.37 views

FirePass SSL VPN - Local File Inclusion

FirePass SSL VPN - Local File Inclusion SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated local file inclusion product: F5 FirePass SSL VPN vulnerable version: = 7.0.0 HF-70-6 fixed version: 7.0.0 HF-70-7...

7.4AI score
Exploits0
0day.today
0day.today
added 2012/12/03 12:0 a.m.38 views

FirePass SSL VPN Unauthenticated Local File Inclusion Vulnerability

Exploit for multiple platform in category web applications ======================================================================= title: Unauthenticated local file inclusion product: F5 FirePass SSL VPN vulnerable version: = 7.0.0 HF-70-6 fixed version: 7.0.0 HF-70-7 impact: Critical homepage:...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2012/12/03 12:0 a.m.38 views

FirePass SSL VPN - Local File Inclusion

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated local file inclusion product: F5 FirePass SSL VPN vulnerable version: = 7.0.0 HF-70-6 fixed version: 7.0.0 HF-70-7 impact: Critical homepage:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2012/10/21 12:0 a.m.14 views

FirePass 7.0 SSL VPN - refreshURL Open Redirection

FirePass 7.0 SSL VPN - refreshURL Open Redirection source: https://www.securityfocus.com/bid/56156/info FirePass SSL VPN is prone to a URI-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing attacks; other...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2012/10/21 12:0 a.m.30 views

F5 FirePass SSL VPN Open URL Redirection

OVERVIEW F5 FirePass SSL VPN is vulnerable to Open URL Redirection. 2. BACKGROUND F5 FirePass SSL VPN provides secure remote access to enterprise applications and data for users over any device or network while protecting your corporate. See http://www.f5.com/pdf/products/firepass-overview.pdf...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2012/10/21 12:0 a.m.20 views

FirePass 7.0 SSL VPN - 'refreshURL' Open Redirection

source: https://www.securityfocus.com/bid/56156/info FirePass SSL VPN is prone to a URI-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing attacks; other attacks are possible. Versions prior to FirePass 7.0.0...

7.4AI score
Exploits0
NVD
NVD
added 2008/06/10 12:32 a.m.22 views

CVE-2008-2637

Multiple cross-site scripting XSS vulnerabilities in F5 FirePass SSL VPN 6.0.2 hotfix 3, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via quotes in 1 the cssexceptions parameter in vdesk/admincon/webyfiers.php and 2 the sqlmatchscope parameter in...

4.3CVSS5.9AI score0.01819EPSS
Exploits0References7
Prion
Prion
added 2008/06/10 12:32 a.m.19 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in F5 FirePass SSL VPN 6.0.2 hotfix 3, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via quotes in 1 the cssexceptions parameter in vdesk/admincon/webyfiers.php and 2 the sqlmatchscope parameter in...

4.3CVSS6.2AI score0.01819EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2008/06/10 12:0 a.m.27 views

CVE-2008-2637

Multiple cross-site scripting XSS vulnerabilities in F5 FirePass SSL VPN 6.0.2 hotfix 3, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via quotes in 1 the cssexceptions parameter in vdesk/admincon/webyfiers.php and 2 the sqlmatchscope parameter in...

5.9AI score0.01819EPSS
Exploits0References7
exploitpack
exploitpack
added 2008/06/05 12:0 a.m.7 views

F5 FirePass 6.0.2.3 - vdeskadminconindex.php?sql_matchscope Cross-Site Scripting

F5 FirePass 6.0.2.3 - vdeskadminconindex.php?sqlmatchscope Cross-Site Scripting source: https://www.securityfocus.com/bid/29574/info F5 FirePass SSL VPN is prone to multiple cross-site request-forgery vulnerabilities because it fails to adequately sanitize user-supplied input. Exploiting these...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2008/06/05 12:0 a.m.34 views

F5 FirePass 6.0.2.3 - '/vdesk/admincon/webyfiers.php?css_exceptions' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29574/info F5 FirePass SSL VPN is prone to multiple cross-site request-forgery vulnerabilities because it fails to adequately sanitize user-supplied input. Exploiting these issues may allow a remote attacker to execute arbitrary actions in the context of...

7.4AI score
Exploits0
NVD
NVD
added 2008/03/05 11:44 p.m.16 views

CVE-2007-6704

Multiple cross-site scripting XSS vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbitrary web script or HTML via the query string to 1 my.activation.php3 and 2 my.logon.php3...

2.6CVSS5.8AI score0.05923EPSS
Exploits1References15
Exploit DB
Exploit DB
added 2007/11/30 12:0 a.m.40 views

F5 Networks FirePass 4100 SSL VPN - 'My.Logon.php3' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26659/info F5 Networks FirePass 4100 SSL VPN devices are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/06/04 12:0 a.m.32 views

F5 Firepass SSL VPN unfiltered shell characters security vulnerabilities

Shell characters problem via username parameter of my.activation.php3 script...

3.7AI score
Exploits0References1Affected Software1
NVD
NVD
added 2007/01/12 5:4 a.m.25 views

CVE-2007-0186

Multiple cross-site scripting XSS vulnerabilities in F5 FirePass SSL VPN allow remote attackers to inject arbitrary web script or HTML via 1 the xcho parameter to my.logon.php3; the 2 topblue, 3 midblue, 4 wtopblue, and certain other Custom color parameters in a per action to...

6.8CVSS5.6AI score0.01894EPSS
Exploits0References14
Rows per page
Query Builder