Page 20 of 97 results (0.008 seconds)

CVSS: 9.0EPSS: 0%CPEs: 11EXPL: 0

The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 34896. La administración del dispositivo mediante el interfaz de comandos en Palo Alto Networks PAN-OS anterior a 3.1.11 y 4.0.x anterior a 4.0.9, permite a usuarios autenticados remotamente ejecutar comandos arbitrarios a través de vectores sin especificar. Aka Ref ID 34896. • https://security.paloaltonetworks.com/CVE-2012-6605 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 4.3EPSS: 0%CPEs: 29EXPL: 0

Cross-site scripting (XSS) vulnerability in the web-based device-management API browser in Palo Alto Networks PAN-OS before 4.1.13 and 5.0.x before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via crafted data, aka Ref ID 50908. Vulnerabilidad XSS en el navegador web-based device-management API en Palo Alto Networks PAN-OS anterior a 4.1.13 y 5.0.x anterior a 5.0.6, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a través de datos manipulados. • https://security.paloaltonetworks.com/CVE-2013-5664 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •