CVE-2026-34821

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /manage/vpnauthentication/user/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

CVE-2026-34821

CVE-2026-34821 affects Endian Firewall up to version 3.3.25. A stored XSS flaw exists in the remark parameter of /manage/vpnauthentication/user/, allowing an authenticated attacker to inject JavaScript that is stored and executed when other users view the page. The provided sources specify affect...

CVE-2026-34801 Endian Firewall /manage/dhcp/fixed_leases/ remark Stored Cross-Site Scripting

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /manage/dhcp/fixedleases/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

CVE-2019-25294 html5_snmp 1.11 - 'Remark' Persistent Cross-Site Scripting

html5snmp 1.11 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through the 'Remark' parameter in addrouteroperation.php. Attackers can craft a POST request with a script payload in the Remark field to execute arbitrary JavaScript in victi...

CVE-2025-34314

IPFire

PT-2024-16104 · Unknown · Phpgurukul Boat Booking System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Boat Booking System version 1.0 Description: A problematic vulnerability was found in the PHPGurukul Boat Booking System. This issue affects the /admin/book-details.php file of the Booking Details Page component. The manipulation o...

CVE-2022-45720

IP-COM M50 V15.11.0.3310768 was discovered to contain multiple buffer overflows via the ip, mac, and remark parameters in the formIPMacBindModify function...