jim-p

19 exploits Active since Feb 2019
CVE-2019-12347 WRITEUP MEDIUM WRITEUP
pfSense 2.4.4-p3 - Stored Cross-Site Scripting via ACME Account Name or Description Field
In pfSense 2.4.4-p3, a stored XSS vulnerability occurs when attackers inject a payload into the Name or Description field via an acme_accountkeys_edit.php action. The vulnerability occurs due to input validation errors.
CVSS 6.1
CVE-2019-8953 WRITEUP MEDIUM WRITEUP
netgate/haproxy < 0.59_16 - Cross-Site Scripting via Description or ACL Parameter
The HAProxy package before 0.59_16 for pfSense has XSS via the desc (aka Description) or table_actionsaclN parameter, related to haproxy_listeners.php and haproxy_listeners_edit.php.
CVSS 6.1
CVE-2019-8953 WRITEUP MEDIUM WRITEUP
netgate/haproxy < 0.59_16 - Cross-Site Scripting via Description or ACL Parameter
The HAProxy package before 0.59_16 for pfSense has XSS via the desc (aka Description) or table_actionsaclN parameter, related to haproxy_listeners.php and haproxy_listeners_edit.php.
CVSS 6.1
CVE-2020-11457 WRITEUP MEDIUM WRITEUP
pfSense < 2.4.5 - Stored Cross-Site Scripting via User Full Name Parameter
pfSense before 2.4.5 has stored XSS in system_usermanager_addprivs.php in the WebGUI via the descr parameter (aka full name) of a user.
CVSS 5.4
CVE-2023-27253 WRITEUP HIGH WRITEUP
Netgate pfSense <2.7.0 - Command Injection
A command injection vulnerability in the function restore_rrddata() of Netgate pfSense v2.7.0 allows authenticated attackers to execute arbitrary commands via manipulating the contents of an XML file supplied to the component config.xml.
CVSS 8.8
CVE-2023-48123 WRITEUP HIGH WRITEUP
Netgate pfSense < 2.7.0 and pfSense Plus < 23.05.1 - Remote Code Execution via packet_capture.php
An issue in Netgate pfSense Plus v.23.05.1 and before and pfSense CE v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the packet_capture.php file.
CVSS 8.8
CVE-2019-12584 WRITEUP MEDIUM WRITEUP
apcupsd 0.3.91_5 - Cross-Site Scripting in apcupsd_status.php
Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsd_status.php.
CVSS 6.1
CVE-2019-12585 WRITEUP CRITICAL WRITEUP
apcupsd 0.3.91_5 - OS Command Injection in apcupsd_status.php
Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an Arbitrary Command Execution issue in apcupsd_status.php.
CVSS 9.8
CVE-2019-16914 WRITEUP MEDIUM WRITEUP
pfSense <= 2.4.4-p3 - Cross-Site Scripting via services_captiveportal_mac.php Parameters
An XSS issue was discovered in pfSense through 2.4.4-p3. In services_captiveportal_mac.php, the username and delmac parameters are displayed without sanitization.
CVSS 6.1
CVE-2019-16915 WRITEUP CRITICAL WRITEUP
pfSense < 2.4.4 - Path Traversal via Unsanitized widgetkey Parameter
An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_contents or file_put_contents.
CVSS 9.8
CVE-2019-18667 WRITEUP MEDIUM WRITEUP
pfSense-pkg-freeradius3 < 0.15.7_3 - Stored Cross-Site Scripting via Username or Password Field
/usr/local/www/freeradius_view_config.php in the freeradius3 package before 0.15.7_3 for pfSense on FreeBSD allows a user with an XSS payload as password or username to execute arbitrary javascript code on a victim browser.
CVSS 6.1
CVE-2020-10797 WRITEUP MEDIUM WRITEUP
pfSense < 2.4.5 - Stored Cross-Site Scripting in diag_ping.php Hostname Field
An XSS vulnerability resides in the hostname field of the diag_ping.php page in pfsense before 2.4.5 version. After passing inputs to the command and executing this command, the $result variable is not sanitized before it is printed.
CVSS 6.1
CVE-2020-21219 WRITEUP MEDIUM WRITEUP
Netgate ACME 0.6.3 - Stored Cross-Site Scripting via RootFolder Parameter
Cross Site Scripting (XSS) vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to to run arbitrary code via the RootFolder field to acme_certificate_edit.php page of the ACME package.
CVSS 6.1
CVE-2020-21487 WRITEUP CRITICAL WRITEUP
Netgate pfSense 2.4.4 and ACME package 0.6.3 - Stored Cross-Site Scripting via RootFolder Field
Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows attackers to execute arbitrary code via the RootFolder field of acme_certificates.php.
CVSS 9.6
CVE-2020-26693 WRITEUP MEDIUM WRITEUP
pfSense 2.4.5-p1 - Authenticated Stored Cross-Site Scripting via load_balancer_monitor.php
A stored cross-site scripting (XSS) vulnerability was discovered in pfSense 2.4.5-p1 which allows an authenticated attacker to execute arbitrary web scripts via exploitation of the load_balancer_monitor.php function.
CVSS 5.4
CVE-2022-23993 WRITEUP MEDIUM WRITEUP
pfSense CE <2.6.0 - pfSense Plus <22.01 - XSS
/usr/local/www/pkg.php in pfSense CE before 2.6.0 and pfSense Plus before 22.01 uses $_REQUEST['pkg_filter'] in a PHP echo call, causing XSS.
CVSS 6.1
CVE-2022-42247 WRITEUP MEDIUM WRITEUP
pfSense 2.5.2 - Stored Cross-Site Scripting in browser.php via File Name
pfSense v2.5.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the browser.php component. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a file name.
CVSS 6.1
CVE-2025-12490 WRITEUP HIGH WRITEUP
Netgate pfSense CE - Path Traversal
Netgate pfSense CE Suricata Path Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Netgate pfSense. Authentication is required to exploit this vulnerability. The specific flaw exists within the Suricata package. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create files in the context of root. Was ZDI-CAN-28085.
CVSS 8.8
CVE-2025-34172 WRITEUP MEDIUM WRITEUP
pfSense < 2.8.0 - Reflected Cross-Site Scripting via showsticktablecontent Parameter
In pfSense CE /usr/local/www/haproxy/haproxy_stats.php, the value of the showsticktablecontent parameter is displayed after being read from HTTP GET requests. This can enable reflected cross-site scripting when the victim is authenticated.
CVSS 6.1