Lucene search
+L

168 matches found

Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.13 views

PT-2026-29779

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the REMARK parameter to /cgi-bin/openvpnclient.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00179EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.7 views

Endian Firewall 跨站脚本漏洞

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /cgi-bin/vpnfw.cgi, and can be exploited by an attacker to inject malicious...

6.4CVSS5.7AI score0.00138EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.7 views

Endian Firewall 跨站脚本漏洞

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /manage/vpnauthentication/user/, and can be exploited by an attacker to inject...

6.4CVSS5.7AI score0.00157EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.8 views

Endian Firewall 跨站脚本漏洞

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /cgi-bin/snat.cgi, and can be exploited by an attacker to inject malicious JavaScri...

6.4CVSS5.7AI score0.00168EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.7 views

Endian Firewall 跨站脚本漏洞

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /cgi-bin/xtaccess.cgi, and can be exploited by an attacker to inject malicious...

6.4CVSS5.7AI score0.00138EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.10 views

Endian Firewall 跨站脚本漏洞

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /manage/dnsmasq/localdomains/, and can be exploited by an attacker to inject...

6.4CVSS5.7AI score0.00138EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.12 views

PT-2026-29778

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /manage/dnsmasq/localdomains/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00138EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.11 views

Endian Firewall 跨站脚本漏洞

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall REMARK parameter, which stems from improper handling of the REMARK parameter in /cgi-bin/openvpnclient.cgi, and can be exploited by an attacker to inject malicious...

6.4CVSS5.7AI score0.00179EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.6 views

PT-2026-29769

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/zonefw.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00138EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.9 views

Endian Firewall 跨站脚本漏洞

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /manage/password/web/, and can be exploited by an attacker to inject malicious scri...

6.4CVSS5.7AI score0.00138EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.7 views

PT-2026-29771

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/xtaccess.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00138EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.6 views

PT-2026-29765

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/dnat.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00168EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.10 views

PT-2026-29780

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /manage/ipsec/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00138EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.10 views

Endian Firewall 跨站脚本漏洞

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /cgi-bin/zonefw.cgi, and can be exploited by an attacker to inject malicious...

6.4CVSS5.7AI score0.00138EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/22 8:2 a.m.5 views

CVE-2026-2935 UTT HiPER 810G ConfigExceptMSN strcpy buffer overflow

A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. This issue affects the function strcpy of the file /goform/ConfigExceptMSN. Executing a manipulation of the argument remark can lead to buffer overflow. The attack can be executed remotely. The exploit has been made available to...

8.6CVSS6AI score0.00805EPSS
Exploits1References4
OSV
OSV
added 2026/02/19 1:16 p.m.7 views

CVE-2019-25421

Comodo Dome Firewall 2.7.0 contains multiple cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through the policyfw endpoint. Attackers can submit POST requests with JavaScript payloads in the mac, target, and remark parameters to execute arbitrary code in...

5.1CVSS6AI score0.00399EPSS
Exploits1References4
CVE
CVE
added 2026/02/19 12:2 p.m.10 views

CVE-2019-25422

CVE-2019-25422 affects Comodo Dome Firewall 2.7.0 and describes cross-site scripting vulnerabilities in the vpnfw endpoint. The weakness allows attackers to inject scripts via the target parameter (reflected XSS) or the remark parameter (stored XSS), potentially leading to execution of arbitrary ...

7.2CVSS5.5AI score0.00348EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/19 12:2 p.m.4 views

CVE-2019-25421

Comodo Dome Firewall 2.7.0 contains multiple cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through the policyfw endpoint. Attackers can submit POST requests with JavaScript payloads in the mac, target, and remark parameters to execute arbitrary code in...

6.1CVSS5.8AI score0.00399EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.9 views

PT-2026-20824

Comodo Dome Firewall 2.7.0 contains multiple cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through the policyfw endpoint. Attackers can submit POST requests with JavaScript payloads in the mac, target, and remark parameters to execute arbitrary code in...

6.1CVSS5.8AI score0.00399EPSS
Exploits1References4
NVD
NVD
added 2026/02/06 5:16 p.m.8 views

CVE-2019-25294

html5snmp 1.11 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through the 'Remark' parameter in addrouteroperation.php. Attackers can craft a POST request with a script payload in the Remark field to execute arbitrary JavaScript in victi...

6.1CVSS0.00203EPSS
Exploits1References3
Rows per page
Query Builder