Lucene search
+L

168 matches found

euvd
euvd
added 2026/04/02 3:31 p.m.5 views

EUVD-2026-18318

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /manage/dnsmasq/localdomains/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00138EPSS
Exploits0References3
euvd
euvd
added 2026/04/02 3:31 p.m.5 views

EUVD-2026-18328

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /manage/password/web/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00138EPSS
Exploits0References3
euvd
euvd
added 2026/04/02 3:31 p.m.8 views

EUVD-2026-18296

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/incoming.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00205EPSS
Exploits0References3
euvd
euvd
added 2026/04/02 3:31 p.m.7 views

EUVD-2026-18300

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/zonefw.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00138EPSS
Exploits0References3
euvd
euvd
added 2026/04/02 3:31 p.m.8 views

EUVD-2026-18280

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /manage/dnsmasq/hosts/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00168EPSS
Exploits0References3
euvd
euvd
added 2026/04/02 3:31 p.m.4 views

EUVD-2026-18284

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /manage/dhcp/fixedleases/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00205EPSS
Exploits0References3
euvd
euvd
added 2026/04/02 3:31 p.m.5 views

EUVD-2026-18286

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark user ham spam parameter to /cgi-bin/salearn.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00168EPSS
Exploits0References3
euvd
euvd
added 2026/04/02 3:31 p.m.4 views

EUVD-2026-18294

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/snat.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00168EPSS
Exploits0References3
euvd
euvd
added 2026/04/02 3:31 p.m.5 views

EUVD-2026-18278

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/routing.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00172EPSS
Exploits0References3
euvd
euvd
added 2026/04/02 3:31 p.m.5 views

EUVD-2026-18298

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/outgoingfw.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00138EPSS
Exploits0References3
euvd
euvd
added 2026/04/02 3:31 p.m.5 views

EUVD-2026-18322

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /manage/ipsec/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00138EPSS
Exploits0References3
euvd
euvd
added 2026/04/02 3:31 p.m.3 views

EUVD-2026-18292

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/dnat.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00168EPSS
Exploits0References3
nvd
nvd
added 2026/04/02 3:16 p.m.3 views

CVE-2026-34823

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /manage/password/web/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS0.00138EPSS
Exploits0References2
nvd
nvd
added 2026/04/02 3:16 p.m.4 views

CVE-2026-34821

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /manage/vpnauthentication/user/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS0.00157EPSS
Exploits0References2
nvd
nvd
added 2026/04/02 3:16 p.m.13 views

CVE-2026-34818

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /manage/dnsmasq/localdomains/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS0.00138EPSS
Exploits0References2
nvd
nvd
added 2026/04/02 3:16 p.m.4 views

CVE-2026-34808

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/outgoingfw.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS0.00138EPSS
Exploits0References2
nvd
nvd
added 2026/04/02 3:16 p.m.5 views

CVE-2026-34809

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/zonefw.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS0.00138EPSS
Exploits0References2
nvd
nvd
added 2026/04/02 3:16 p.m.8 views

CVE-2026-34807

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/incoming.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS0.00205EPSS
Exploits0References2
nvd
nvd
added 2026/04/02 3:16 p.m.4 views

CVE-2026-34810

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/vpnfw.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS0.00138EPSS
Exploits0References2
nvd
nvd
added 2026/04/02 3:16 p.m.5 views

CVE-2026-34811

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/xtaccess.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS0.00138EPSS
Exploits0References2
Rows per page
Query Builder