Search criteria
2 vulnerabilities by free
CVE-2014-9382 (GCVE-0-2014-9382)
Vulnerability from cvelistv5 – Published: 2020-01-13 13:42 – Updated: 2024-08-06 13:40
VLAI
Summary
Freebox OS Web interface 3.0.2 has CSRF which can allow VPN user account creation
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://packetstormsecurity.com/files/132121/FreeB… | x_refsource_MISC |
| http://www.securityfocus.com/bid/74936 | x_refsource_MISC |
| http://seclists.org/fulldisclosure/2015/Jun/1 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:40:24.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/132121/FreeBox-3.0.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74936"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/Jun/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Freebox OS Web interface 3.0.2 has CSRF which can allow VPN user account creation"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-13T13:42:07.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/132121/FreeBox-3.0.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/74936"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://seclists.org/fulldisclosure/2015/Jun/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Freebox OS Web interface 3.0.2 has CSRF which can allow VPN user account creation"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/132121/FreeBox-3.0.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132121/FreeBox-3.0.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html"
},
{
"name": "http://www.securityfocus.com/bid/74936",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/74936"
},
{
"name": "http://seclists.org/fulldisclosure/2015/Jun/1",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2015/Jun/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9382",
"datePublished": "2020-01-13T13:42:07.000Z",
"dateReserved": "2014-12-11T00:00:00.000Z",
"dateUpdated": "2024-08-06T13:40:24.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9405 (GCVE-0-2014-9405)
Vulnerability from cvelistv5 – Published: 2020-01-06 21:16 – Updated: 2024-08-06 13:40
VLAI
Summary
A Cross-Site Scripting (XSS) vulnerability exists in the description field of an Download RSS item or Contacts in Freebox OS Web interface 3.0.2, which allows malicious users to execute arbitrary code.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://packetstormsecurity.com/files/132121/FreeB… | x_refsource_MISC |
| http://www.securityfocus.com/bid/74936 | x_refsource_MISC |
| http://seclists.org/fulldisclosure/2015/Jun/1 | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/535660/100… | x_refsource_MISC |
Date Public
2015-06-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:40:25.043Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/132121/FreeBox-3.0.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74936"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/Jun/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/535660/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Scripting (XSS) vulnerability exists in the description field of an Download RSS item or Contacts in Freebox OS Web interface 3.0.2, which allows malicious users to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-06T21:16:38.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/132121/FreeBox-3.0.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/74936"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://seclists.org/fulldisclosure/2015/Jun/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/archive/1/535660/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9405",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Cross-Site Scripting (XSS) vulnerability exists in the description field of an Download RSS item or Contacts in Freebox OS Web interface 3.0.2, which allows malicious users to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/132121/FreeBox-3.0.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132121/FreeBox-3.0.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html"
},
{
"name": "http://www.securityfocus.com/bid/74936",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/74936"
},
{
"name": "http://seclists.org/fulldisclosure/2015/Jun/1",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2015/Jun/1"
},
{
"name": "http://www.securityfocus.com/archive/1/535660/100/0/threaded",
"refsource": "MISC",
"url": "http://www.securityfocus.com/archive/1/535660/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9405",
"datePublished": "2020-01-06T21:16:38.000Z",
"dateReserved": "2014-12-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T13:40:25.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}