RSS   Vulnerabilities for 'Pfsense'   RSS

2010-12-07
 
CVE-2010-4412

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta 4 allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter in an olsrd.xml action to pkg_edit.php, (2) the xml parameter to pkg.php, or the if parameter to (3) status_graph.php or (4) interfaces.php, a different vulnerability than CVE-2008-1182 and CVE-2010-4246.

 
 
CVE-2010-4246

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in graph.php in pfSense 1.2.3 and 2 beta 4 allow remote attackers to inject arbitrary web script or HTML via the (1) ifnum or (2) ifname parameter, a different vulnerability than CVE-2008-1182.

 


Copyright 2022, cxsecurity.com

 

Back to Top