Lucene search
+L

105 matches found

OSV
OSV
added 2026/02/19 1:16 p.m.5 views

CVE-2019-25420

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the snat endpoint. Attackers can send POST requests with JavaScript payloads in the port or snattoip parameters to execute arbitrary...

5.1CVSS5.9AI score0.00399EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/02/19 12:2 p.m.31 views

CVE-2019-25420 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via snat

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the snat endpoint. Attackers can send POST requests with JavaScript payloads in the port or snattoip parameters to execute arbitrary...

6.1CVSS0.00399EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/19 12:2 p.m.4 views

CVE-2019-25420

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the snat endpoint. Attackers can send POST requests with JavaScript payloads in the port or snattoip parameters to execute arbitrary...

6.1CVSS5.6AI score0.00399EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/19 12:2 p.m.3 views

CVE-2019-25420 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via snat

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the snat endpoint. Attackers can send POST requests with JavaScript payloads in the port or snattoip parameters to execute arbitrary...

6.1CVSS5.6AI score0.00399EPSS
Exploits1References4
CVE
CVE
added 2026/02/19 12:2 p.m.19 views

CVE-2019-25420

CVE-2019-25420 affects Comodo Dome Firewall 2.7.0 with a reflected cross-site scripting flaw exposed via the snat endpoint. The vulnerability allows attackers to inject JavaScript by submitting crafted input to snat, specifically through POST requests containing payloads in the port or snat_to_ip...

6.1CVSS5.6AI score0.00399EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/02/16 12:0 a.m.10 views

Smoothwall Express 跨站脚本漏洞

Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the xtaccess.cgi endpoint EXT, DESTPORT or COMMENT parameter on the user-supplied data lack of effective filtering...

6.1CVSS5.9AI score0.00244EPSS
Exploits1References3
NVD
NVD
added 2026/01/30 5:16 p.m.4 views

CVE-2020-36966

Dolibarr 11.0.3 contains a persistent cross-site scripting vulnerability in LDAP synchronization settings that allows attackers to inject malicious scripts through multiple parameters. Attackers can exploit the host, slave, and port parameters in /dolibarr/admin/ldap.php to execute arbitrary...

6.4CVSS0.00244EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/01/30 5:16 p.m.4 views

CVE-2020-36966

Dolibarr 11.0.3 contains a persistent cross-site scripting vulnerability in LDAP synchronization settings that allows attackers to inject malicious scripts through multiple parameters. Attackers can exploit the host, slave, and port parameters in /dolibarr/admin/ldap.php to execute arbitrary...

6.4CVSS5.9AI score0.00244EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/30 4:16 p.m.44 views

CVE-2020-36966 Dolibarr 11.0.3 - 'ldap.php' - Persistent Cross-Site Scripting

Dolibarr 11.0.3 contains a persistent cross-site scripting vulnerability in LDAP synchronization settings that allows attackers to inject malicious scripts through multiple parameters. Attackers can exploit the host, slave, and port parameters in /dolibarr/admin/ldap.php to execute arbitrary...

6.4CVSS0.00244EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/30 4:16 p.m.3 views

CVE-2020-36966 Dolibarr 11.0.3 - 'ldap.php' - Persistent Cross-Site Scripting

Dolibarr 11.0.3 contains a persistent cross-site scripting vulnerability in LDAP synchronization settings that allows attackers to inject malicious scripts through multiple parameters. Attackers can exploit the host, slave, and port parameters in /dolibarr/admin/ldap.php to execute arbitrary...

6.4CVSS6AI score0.00244EPSS
Exploits0References3
CVE
CVE
added 2026/01/30 4:16 p.m.28 views

CVE-2020-36966

CVE-2020-36966 affects Dolibarr 11.0.3: a persistent XSS in LDAP synchronization (/dolibarr/admin/ldap.php) allows injection via host, slave, and port parameters, enabling arbitrary JavaScript execution and potential cookie theft. Public sources describe the vulnerability; no patch details are pr...

6.4CVSS6AI score0.00244EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/30 12:0 a.m.28 views

PT-2026-5411

Dolibarr 11.0.3 contains a persistent cross-site scripting vulnerability in LDAP synchronization settings that allows attackers to inject malicious scripts through multiple parameters. Attackers can exploit the host, slave, and port parameters in /dolibarr/admin/ldap.php to execute arbitrary...

6.4CVSS6AI score0.00244EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/10 9:16 p.m.7 views

CVE-2021-47728

Selea Targa IP OCR-ANPR Camera contains an unauthenticated command injection vulnerability in utils.php that allows remote attackers to execute arbitrary shell commands. Attackers can exploit the 'addr' and 'port' parameters to inject commands and gain www-data user access through chained local...

9.3CVSS8.3AI score0.02404EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/09 9:31 p.m.7 views

EUVD-2021-34742

Selea Targa IP OCR-ANPR Camera contains an unauthenticated command injection vulnerability in utils.php that allows remote attackers to execute arbitrary shell commands. Attackers can exploit the 'addr' and 'port' parameters to inject commands and gain www-data user access through chained local...

9.3CVSS7.8AI score0.02404EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.5 views

Selea Targa IP OCR-ANPR Camera 操作系统命令注入漏洞

Selea Targa IP OCR-ANPR Camera is an IP camera from Selea. The Selea Targa IP OCR-ANPR Camera suffers from an operating system command injection vulnerability that stems from a command injection issue with the addr and port parameters in utils.php, which could lead to the execution of arbitrary...

9.8CVSS7.6AI score0.02404EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/12/01 12:0 a.m.5 views

orion-ops 安全漏洞

orion-ops is a one-stop automated operation and maintenance and automated deployment platform by Jiahang Li, an individual developer. A security vulnerability exists in orion-ops, which stems from the misuse of the parameters host/sshPort/username/password/authType in the file...

6.5CVSS6.4AI score0.00292EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/10/25 12:43 a.m.17 views

CVE-2025-60938

Emoncms 11.7.3 has a remote code execution vulnerability in the firmware upload feature that allows authenticated users to execute arbitrary commands on the target system. The vulnerability stems from insufficient input validation of user-controlled parameters including filename, port, baudrate,...

7.5CVSS8.7AI score0.00556EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/10/25 12:0 a.m.7 views

Emoncms 安全漏洞

Emoncms is an open source web application from Emoncms Open Source. The program is primarily used to process, record and display energy, temperature and other environmental data. A security vulnerability exists in Emoncms version 11.7.3, which stems from insufficient input validation of the...

7.5CVSS7.8AI score0.00556EPSS
Exploits1References1
NVD
NVD
added 2025/10/24 3:15 p.m.11 views

CVE-2025-60938

Emoncms 11.7.3 has a remote code execution vulnerability in the firmware upload feature that allows authenticated users to execute arbitrary commands on the target system. The vulnerability stems from insufficient input validation of user-controlled parameters including filename, port, baudrate,...

7.5CVSS0.00556EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-23958

Malware in sbrugna...

6.1CVSS6.3AI score0.01025EPSS
Exploits1References3
Rows per page
Query Builder