CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 3CVE-2008-2030 – F5 Networks FirePass 4100 SSL VPN - 'installControl.php3' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2008-2030
30 Apr 2008 — Cross-site scripting (XSS) vulnerability in installControl.php3 in F5 FirePass 4100 SSL VPN 5.4.2-5.5.2 and 6.0-6.2 allows remote attackers to inject arbitrary web script or HTML via the query string. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en installControl.php3 de F5 FirePass 4100 SSL VPN 5.4.2-5.5.2 y 6.0-6.2 permite a atacantes remotos inyectar secuencias de comand... • https://www.exploit-db.com/exploits/31698 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 11%CPEs: 14EXPL: 3CVE-2007-6704 – F5 Networks FirePass 4100 SSL VPN - 'Download_Plugin.php3' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-6704
05 Mar 2008 — Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbitrary web script or HTML via the query string to (1) my.activation.php3 and (2) my.logon.php3. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en F5 FirePass 4100 SSL VPN 5.4.1 hasta 5.5.2 y 6.0 hasta 6.0.1, cuando las secuencias pre-logon están activadas, permiten a atacantes remoto... • https://www.exploit-db.com/exploits/30834 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 13%CPEs: 14EXPL: 1CVE-2007-5979 – F5 FirePass 4100 SSL VPN - 'Download_Plugin.php3' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-5979
15 Nov 2007 — Cross-site scripting (XSS) vulnerability in download_plugin.php3 in F5 Firepass 4100 SSL VPN 5.4 through 5.5.2 and 6.0 through 6.0.1 allows remote attackers to inject arbitrary web script or HTML via the backurl parameter. Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en download_plugin.php3 en F5 Firepass 4100 SSL VPN 5.4 hasta la 5.5.2 y 6.0 hasta la 6.0.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro backurl. • https://www.exploit-db.com/exploits/30755 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2007-3097
https://notcve.org/view.php?id=CVE-2007-3097
06 Jun 2007 — my.activation.php3 in F5 FirePass 4100 SSL VPN allows remote attackers to execute arbitrary shell commands via shell metacharacters in the username parameter. my.activation.php3 en F5 FirePass 4100 SSL VPN permite a atacantes remotos ejecutar órdenes de línea de comandos de su elección mediante metacaracteres de línea de comandos en el parámetro username. • http://secunia.com/advisories/25563 •
CVSS: 6.8EPSS: 2%CPEs: 1EXPL: 0CVE-2007-0186
https://notcve.org/view.php?id=CVE-2007-0186
11 Jan 2007 — Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass SSL VPN allow remote attackers to inject arbitrary web script or HTML via (1) the xcho parameter to my.logon.php3; the (2) topblue, (3) midblue, (4) wtopblue, and certain other Custom color parameters in a per action to vdesk/admincon/index.php; the (5) h321, (6) h311, (7) h312, and certain other Front Door custom text color parameters in a per action to vdesk/admincon/index.php; the (8) ua parameter in a bro action to vdesk/admincon/index.p... • http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051651.html •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2006-3550
https://notcve.org/view.php?id=CVE-2006-3550
13 Jul 2006 — Multiple cross-site scripting (XSS) vulnerabilities in F5 Networks FirePass 4100 5.x allow remote attackers to inject arbitrary web script or HTML via unspecified "writable form fields and hidden fields," including "authentication frontends." Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en F5 Networks FirePass 4100 5.x permiten a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de "campos de formulario escribibles y ocultos" no especificad... • http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047635.html •
CVSS: 6.1EPSS: 6%CPEs: 1EXPL: 2CVE-2006-1357 – F5 Firepass 4100 SSL VPN - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2006-1357
22 Mar 2006 — Cross-site scripting (XSS) vulnerability in my.support.php3 in F5 Firepass 4100 SSL VPN 5.4.2 allows remote attackers to inject arbitrary web script or HTML via the s parameter. • https://www.exploit-db.com/exploits/27452 •