CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5435 matches found

ATTACKERKB•added 2026/02/16 5:4 p.m.•5 views

CVE-2019-25383

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the apcupsd.cgi script that allow attackers to inject malicious scripts through multiple POST parameters. Attackers can submit crafted POST requests with script payloads in parameter...

6.1CVSS5.6AI score0.00225EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2026/02/16 5:4 p.m.•4 views

CVE-2019-25383 Smoothwall Express 3.1 'apcupsd.cgi' Cross-Site Scripting

6.1CVSS5.6AI score0.00225EPSS

Exploits1References3

Cvelist•added 2026/02/16 5:4 p.m.•27 views

CVE-2019-25382 Smoothwall Express 3.1 'time.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the NTPSERVER parameter. Attackers can send POST requests to the time.cgi endpoint with script payloads in the...

6.1CVSS0.00254EPSS

Exploits1References3

ATTACKERKB•added 2026/02/16 5:4 p.m.•4 views

CVE-2019-25382

6.1CVSS5.6AI score0.00254EPSS

Exploits1References3Affected Software1

CVE•added 2026/02/16 5:4 p.m.•12 views

CVE-2019-25382

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability in the time.cgi endpoint, exploitable via POST requests to the NTP_SERVER parameter to execute arbitrary JavaScript in users’ browsers. CVSSv3.1 base score 6.1, scope changed, impact on confide...

6.1CVSS5.6AI score0.00254EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2026/02/16 5:4 p.m.•2 views

CVE-2019-25382 Smoothwall Express 3.1 'time.cgi' Cross-Site Scripting

6.1CVSS5.6AI score0.00254EPSS

Exploits1References3

Cvelist•added 2026/02/16 5:4 p.m.•24 views

CVE-2019-25381 Smoothwall Express 3.1 'hosts.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the hosts.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests to the hosts.cgi endpoint with script payload...

6.1CVSS0.00225EPSS

Exploits1References3

ATTACKERKB•added 2026/02/16 5:4 p.m.•2 views

CVE-2019-25381

6.1CVSS5.6AI score0.00225EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2026/02/16 5:4 p.m.•3 views

CVE-2019-25381 Smoothwall Express 3.1 'hosts.cgi' Cross-Site Scripting

6.1CVSS5.6AI score0.00225EPSS

Exploits1References3

CVE•added 2026/02/16 5:4 p.m.•20 views

CVE-2019-25379

CVE-2019-25379 affects Smoothwall Express 3.1-SP4-polar-x86_64-update9, with stored and reflected XSS in the urlfilter.cgi endpoint. Attackers can submit POST payloads in REDIRECT_PAGE or CHILDREN to inject JavaScript in user browsers. The provided metrics show CVSS v3.1 base score 7.2 (HIGH) and...

7.2CVSS5.6AI score0.0025EPSS

Exploits1References3Affected Software1

Cvelist•added 2026/02/16 5:4 p.m.•25 views

CVE-2019-25379 Smoothwall Express 3.1 'urlfilter.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains stored and reflected cross-site scripting vulnerabilities in the urlfilter.cgi endpoint that allow attackers to inject malicious scripts. Attackers can submit POST requests with script payloads in the REDIRECTPAGE or CHILDREN parameters to...

7.2CVSS0.0025EPSS

Exploits1References3

ATTACKERKB•added 2026/02/16 5:4 p.m.•4 views

CVE-2019-25380

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the dhcp.cgi script that allow attackers to inject malicious scripts through multiple parameters. Attackers can submit POST requests to dhcp.cgi with script payloads in parameters su...

6.1CVSS5.6AI score0.00225EPSS

Exploits1References3Affected Software1

ATTACKERKB•added 2026/02/16 5:4 p.m.•4 views

CVE-2019-25379

7.2CVSS5.6AI score0.0025EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2026/02/16 5:4 p.m.•2 views

CVE-2019-25379 Smoothwall Express 3.1 'urlfilter.cgi' Cross-Site Scripting

7.2CVSS5.6AI score0.0025EPSS

Exploits1References3

Vulnrichment•added 2026/02/16 5:4 p.m.•3 views

CVE-2019-25380 Smoothwall Express 3.1 'dhcp.cgi' Cross-Site Scripting

6.1CVSS5.6AI score0.00225EPSS

Exploits1References3

CVE•added 2026/02/16 5:4 p.m.•21 views

CVE-2019-25380

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vulnerabilities in the dhcp.cgi script. The vulnerability enables attackers to inject JavaScript via posted parameters (e.g., BOOT_SERVER, BOOT_FILE, BOOT_ROOT, START_ADDR, END_ADDR, DNS1, DNS2, NTP1,...

6.1CVSS5.6AI score0.00225EPSS

Exploits1References3Affected Software1

Cvelist•added 2026/02/16 5:4 p.m.•24 views

CVE-2019-25380 Smoothwall Express 3.1 'dhcp.cgi' Cross-Site Scripting

6.1CVSS0.00225EPSS

Exploits1References3

CVE•added 2026/02/16 5:4 p.m.•10 views

CVE-2019-25378

CVE-2019-25378 affects Smoothwall Express 3.1-SP4-polar-x86_64-update9, via the proxy.cgi endpoint. The vulnerability allows cross-site scripting by injecting payloads through parameters such as CACHE_SIZE, MAX_SIZE, MIN_SIZE, MAX_OUTGOING_SIZE, and MAX_INCOMING_SIZE. Attackers can submit POST re...

6.1CVSS5.5AI score0.00225EPSS

Exploits1References3Affected Software1

Cvelist•added 2026/02/16 5:4 p.m.•26 views

CVE-2019-25378 Smoothwall Express 3.1 'proxy.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple cross-site scripting vulnerabilities in the proxy.cgi endpoint that allow attackers to inject malicious scripts through parameters including CACHESIZE, MAXSIZE, MINSIZE, MAXOUTGOINGSIZE, and MAXINCOMINGSIZE. Attackers can submit POS...

6.1CVSS0.00225EPSS

Exploits1References3

Vulnrichment•added 2026/02/16 5:4 p.m.•6 views

CVE-2019-25378 Smoothwall Express 3.1 'proxy.cgi' Cross-Site Scripting

6.1CVSS5.5AI score0.00225EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by