pfSense 2.0.1 XSS / CSRF / Command Execution
https://packetstormsecurity.com/files/119256/pfsense-xssxsrf.txt
https://packetstormsecurity.com/files/119256/pfsense-xssxsrf.txthttps://packetstormsecurity.com/files/119256/pfSense-2.0.1-XSS-CSRF-Command-Execution.htmlFri, 04 Jan 2013 23:33:33 GMTpfSense version 2.0.1 suffers from cross site request forgery and cross site scripting vulnerabilities. The cross site request forgery proof of concept also demonstrates a remote command execution vulnerability.