CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9342
https://notcve.org/view.php?id=CVE-2014-9342
08 Dec 2014 — Cross-site scripting (XSS) vulnerability in the tree view (pl_tree.php) feature in Application Security Manager (ASM) in F5 BIG-IP 11.3.0 allows remote attackers to inject arbitrary web script or HTML by accessing a crafted URL during automatic policy generation. Vulnerabilidad de XSS en la caracteristica tree view (pl_tree.php) en Application Security Manager (ASM) en F5 BIG-IP 11.3.0 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios mediante el acceso a una URL manipulada ... • http://secunia.com/advisories/62000 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2008-7032 – F5 BIG-IP 9.4.3 - Web Management Interface Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2008-7032
24 Aug 2009 — Web Management Console Cross-site request forgery (CSRF) vulnerability in the web management console in F5 BIG-IP 9.4.3 allows remote attackers to hijack the authentication of administrators for requests that create new administrators and execute shell commands, as demonstrated using tmui/Control/form. Vulnerabilidad de falsificación de petición cruzada en sitios cruzados (CSRF) en la consola de gestión web en F5 BIG-IP v9.4.3 permite a atacantes remotos secuestrar la autenticación de los administradores pa... • https://www.exploit-db.com/exploits/31133 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.8EPSS: 33%CPEs: 5EXPL: 2CVE-2007-6258 – Apache Tomcat Connector jk2-2.0.2 mod_jk2 - Remote Overflow
https://notcve.org/view.php?id=CVE-2007-6258
18 Feb 2008 — Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header. Múltiples desbordamientos de búfer basados en pila en el módulo de Apache legacy mod_jk2 2.0.3-DEV y anteriores permiten a atacantes remotos ejecutar código de su elección a través de una (1) cabecera Host larga o (2) Hostname dentro de una cabecera Host larga. • https://www.exploit-db.com/exploits/5386 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •