Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-27468

Malicious code in bioql PyPI...

5.1CVSS6.6AI score0.09815EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/09/11 8:27 p.m.6 views

CVE-2025-34174

In pfSense CE /usr/local/www/statustraffictotals.php, the value of the start-day parameter is not ensured to be a numeric value or sanitized of HTML-related characters/strings before being directly displayed in the input box. This value can be saved as the default value to be displayed to all use...

5.1CVSS6AI score0.09815EPSS
Exploits0References1
NVD
NVD
added 2025/09/09 8:15 p.m.6 views

CVE-2025-34174

In pfSense CE /usr/local/www/statustraffictotals.php, the value of the start-day parameter is not ensured to be a numeric value or sanitized of HTML-related characters/strings before being directly displayed in the input box. This value can be saved as the default value to be displayed to all use...

5.4CVSS0.09815EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/09/09 8:2 p.m.3 views

CVE-2025-34174 Netgate pfSense CE Status_Traffic_Totals Package v2.3.2_7 Stored Cross-Site Scripting

In pfSense CE /usr/local/www/statustraffictotals.php, the value of the start-day parameter is not ensured to be a numeric value or sanitized of HTML-related characters/strings before being directly displayed in the input box. This value can be saved as the default value to be displayed to all use...

5.1CVSS5.7AI score0.09815EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/09 8:2 p.m.10 views

CVE-2025-34174 Netgate pfSense CE Status_Traffic_Totals Package v2.3.2_7 Stored Cross-Site Scripting

In pfSense CE /usr/local/www/statustraffictotals.php, the value of the start-day parameter is not ensured to be a numeric value or sanitized of HTML-related characters/strings before being directly displayed in the input box. This value can be saved as the default value to be displayed to all use...

5.1CVSS0.09815EPSS
Exploits0References3
CVE
CVE
added 2025/09/09 8:2 p.m.16 views

CVE-2025-34174

The CVE affects pfSense CE in the Status Traffic Totals feature: /usr/local/www/status_traffic_totals.php processes the start-day parameter. The parameter is not validated as numeric nor sanitized for HTML, allowing the value to be saved as the default display for all users, which triggers stored...

5.4CVSS5.5AI score0.09815EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/09/09 8:2 p.m.5 views

CVE-2025-34174 Netgate pfSense CE Status_Traffic_Totals Package v2.3.2_7 Stored Cross-Site Scripting

In pfSense CE /usr/local/www/statustraffictotals.php, the value of the start-day parameter is not ensured to be a numeric value or sanitized of HTML-related characters/strings before being directly displayed in the input box. This value can be saved as the default value to be displayed to all use...

5.1CVSS5.4AI score0.09815EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.6 views

PT-2025-36941

Name of the Vulnerable Software and Affected Versions: pfSense CE affected versions not specified Description: The start-day parameter in /usr/local/www/status traffic totals.php does not undergo proper validation to ensure it is a numeric value or sanitized of HTML-related characters before bein...

5.1CVSS5.2AI score0.09815EPSS
Exploits0References4
Rows per page
Query Builder