CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

338 matches found

GithubExploit•added 2026/05/16 6:8 p.m.•62 views

Exploit for CVE-2021-33393

IPFire2.25RCEAuthenticated This exploit is based on CVE-202...

9CVSS7.3AI score0.72182EPSS

Exploits6

NVD•added 2026/02/18 10:16 p.m.•5 views

CVE-2019-25398

IPFire 2.21 Core Update 127 contains multiple cross-site scripting vulnerabilities in the ovpnmain.cgi script that allow attackers to inject malicious scripts through VPN configuration parameters. Attackers can submit POST requests with script payloads in parameters like VPNIP, DMTU, ccdname,...

6.1CVSS0.00084EPSS

Exploits1References4

NVD•added 2026/02/18 10:16 p.m.•2 views

CVE-2019-25399

IPFire 2.21 Core Update 127 contains multiple stored cross-site scripting vulnerabilities in the extrahd.cgi script that allow attackers to inject malicious scripts through the FS, PATH, and UUID parameters. Attackers can submit POST requests with script payloads in these parameters to execute...

6.4CVSS0.00058EPSS

Exploits1References4

OSV•added 2026/02/18 10:16 p.m.•2 views

CVE-2019-25400

IPFire 2.21 Core Update 127 contains multiple reflected cross-site scripting vulnerabilities in the fwhosts.cgi script that allow attackers to inject malicious scripts through multiple parameters including HOSTNAME, IP, SUBNET, NETREMARK, HOSTREMARK, newhost, grpname, remark, SRVNAME, SRVPORT,...

5.4CVSS6AI score

Exploits0References4

OSV•added 2026/02/18 10:16 p.m.•1 views

CVE-2019-25398

6.1CVSS5.9AI score0.00084EPSS

Exploits1References4

NVD•added 2026/02/18 10:16 p.m.•5 views

CVE-2019-25400

5.4CVSS0.00069EPSS

Exploits1References4

OSV•added 2026/02/18 10:16 p.m.•1 views

CVE-2019-25399

6.4CVSS6AI score

Exploits0References4

NVD•added 2026/02/18 10:16 p.m.•4 views

CVE-2019-25396

IPFire 2.21 Core Update 127 contains a reflected cross-site scripting vulnerability in the updatexlrator.cgi script that allows attackers to inject malicious scripts through POST parameters. Attackers can submit crafted requests with script payloads in the MAXDISKUSAGE or MAXDOWNLOADRATE paramete...

6.1CVSS0.00079EPSS

Exploits1References4

OSV•added 2026/02/18 10:16 p.m.•2 views

CVE-2019-25397

IPFire 2.21 Core Update 127 contains multiple reflected cross-site scripting vulnerabilities in the hosts.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests with script payloads in the KEY1, IP, HOST, or DOM parameters to...

6.1CVSS5.9AI score0.00084EPSS

Exploits1References4

OSV•added 2026/02/18 10:16 p.m.•2 views

CVE-2019-25396

6.1CVSS5.9AI score

Exploits0References4

NVD•added 2026/02/18 10:16 p.m.•2 views

CVE-2019-25397

6.1CVSS0.00084EPSS

Exploits1References4

Cvelist•added 2026/02/18 8:59 p.m.•18 views

CVE-2019-25400 IPFire 2.21 Core Update 127 Multiple XSS via fwhosts.cgi

5.4CVSS0.00069EPSS

Exploits1References4

CVE•added 2026/02/18 8:59 p.m.•6 views

CVE-2019-25400

CVE-2019-25400 affects IPFire 2.21 Core Update 127. The vulnerabilities are multiple reflected XSS in the fwhosts.cgi script, exploitable via numerous parameters (e.g., HOSTNAME, IP, SUBNET, NETREMARK, HOSTREMARK, newhost, grp_name, remark, SRV_NAME, SRV_PORT, SRVGRP_NAME, SRVGRP_REMARK, updatesr...

5.4CVSS5.6AI score0.00069EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2026/02/18 8:59 p.m.•2 views

CVE-2019-25400 IPFire 2.21 Core Update 127 Multiple XSS via fwhosts.cgi

5.4CVSS5.6AI score0.00069EPSS

Exploits1References4

CVE•added 2026/02/18 8:59 p.m.•5 views

CVE-2019-25399

IPFire 2.21 Core Update 127 contains multiple stored XSS vulnerabilities in the extrahd.cgi script. Attackers can submit POST requests with script payloads in the FS, PATH, and UUID parameters, enabling execution of arbitrary JavaScript in the context of authenticated administrator sessions. The ...

6.4CVSS5.6AI score0.00058EPSS

Exploits1References4Affected Software1

Cvelist•added 2026/02/18 8:59 p.m.•20 views

CVE-2019-25399 IPFire 2.21 Core Update 127 Stored XSS via extrahd.cgi

6.4CVSS0.00058EPSS

Exploits1References4

Vulnrichment•added 2026/02/18 8:59 p.m.•2 views

CVE-2019-25399 IPFire 2.21 Core Update 127 Stored XSS via extrahd.cgi

6.4CVSS5.6AI score0.00058EPSS

Exploits1References4

Cvelist•added 2026/02/18 8:59 p.m.•21 views

CVE-2019-25398 IPFire 2.21 Core Update 127 Cross-Site Scripting via ovpnmain.cgi

6.1CVSS0.00084EPSS

Exploits1References4

CVE•added 2026/02/18 8:59 p.m.•4 views

CVE-2019-25397

CVE-2019-25397 describes multiple reflected cross-site scripting vulnerabilities in hosts.cgi within IPFire 2.21 Core Update 127. Attackers can submit POST payloads in KEY1, IP, HOST, or DOM to execute arbitrary JavaScript in a user’s browser. Impact is reflected XSS with potential user interacti...

6.1CVSS5.6AI score0.00084EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2026/02/18 8:59 p.m.•3 views

CVE-2019-25397 IPFire 2.21 Core Update 127 Cross-Site Scripting via hosts.cgi

6.1CVSS5.6AI score0.00084EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by