Lucene search
+L

197 matches found

Prion
Prion
added 2014/12/31 10:59 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in httpd/cgi-bin/vpn.cgi/vpnconfig.dat in Smoothwall Express 3.0 SP3 allows remote attackers to inject arbitrary web script or HTML via the COMMENT parameter in an Add action...

4.3CVSS6.1AI score0.01427EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2014/12/31 10:59 p.m.13 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in Smoothwall Express 3.1 and 3.0 SP3 allow remote attackers to hijack the authentication of administrators for requests that change the 1 admin or 2 dial password via a request to httpd/cgi-bin/changepw.cgi...

6.8CVSS7.9AI score0.00903EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2014/12/31 10:59 p.m.20 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Smoothwall Express 3.1 and 3.0 SP3 allow remote attackers to inject arbitrary web script or HTML via the 1 PROFILENAME parameter in a Save action to httpd/cgi-bin/pppsetup.cgi or 2 COMMENT parameter in an Add action to httpd/cgi-bin/ddns.cgi...

4.3CVSS6AI score0.01427EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2014/12/31 10:0 p.m.21 views

CVE-2011-5283

Cross-site scripting XSS vulnerability in the web management interface in httpd/cgi-bin/ipinfo.cgi in Smoothwall Express 3.1 and 3.0 SP3 and earlier allows remote attackers to inject arbitrary web script or HTML via the IP parameter in a Run action...

5.7AI score0.03217EPSS
Exploits1References4
Cvelist
Cvelist
added 2014/12/31 10:0 p.m.22 views

CVE-2014-9430

Cross-site scripting XSS vulnerability in httpd/cgi-bin/vpn.cgi/vpnconfig.dat in Smoothwall Express 3.0 SP3 allows remote attackers to inject arbitrary web script or HTML via the COMMENT parameter in an Add action...

5.7AI score0.01427EPSS
Exploits1References2
Cvelist
Cvelist
added 2014/12/31 10:0 p.m.25 views

CVE-2014-9431

Multiple cross-site request forgery CSRF vulnerabilities in Smoothwall Express 3.1 and 3.0 SP3 allow remote attackers to hijack the authentication of administrators for requests that change the 1 admin or 2 dial password via a request to httpd/cgi-bin/changepw.cgi...

7.4AI score0.00903EPSS
Exploits1References2
Cvelist
Cvelist
added 2014/12/31 10:0 p.m.17 views

CVE-2014-9429

Multiple cross-site scripting XSS vulnerabilities in Smoothwall Express 3.1 and 3.0 SP3 allow remote attackers to inject arbitrary web script or HTML via the 1 PROFILENAME parameter in a Save action to httpd/cgi-bin/pppsetup.cgi or 2 COMMENT parameter in an Add action to httpd/cgi-bin/ddns.cgi...

5.8AI score0.01427EPSS
Exploits1References2
CVE
CVE
added 2014/12/31 10:0 p.m.44 views

CVE-2014-9429

CVE-2014-9429 affects Smoothwall Express 3.1 and 3.0 SP3. The vulnerability is a set of cross-site scripting flaws in the web management interface, exploitable via the PROFILENAME parameter in a Save action to httpd/cgi-bin/pppsetup.cgi or the COMMENT parameter in an Add action to httpd/cgi-bin/d...

4.3CVSS5.8AI score0.01427EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2014/12/31 10:0 p.m.44 views

CVE-2011-5283

CVE-2011-5283 is an XSS vulnerability in Smoothwall Express (web management interface) via httpd/cgi-bin/ipinfo.cgi, affecting Smoothwall Express 3.1 and 3.0 SP3 and earlier. The issue allows remote attackers to inject arbitrary web script or HTML through the IP parameter in a Run action. Exploit...

4.3CVSS5.8AI score0.03217EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2014/12/31 10:0 p.m.48 views

CVE-2014-9431

CVE-2014-9431 describes multiple cross-site request forgery (CSRF) vulnerabilities in Smoothwall Express 3.1 and 3.0 SP3. The flaws allow remote attackers to hijack the authentication of administrators and change either the admin or dial password by issuing requests to httpd/cgi-bin/changepw.cgi....

6.8CVSS7.6AI score0.00903EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2014/12/31 10:0 p.m.44 views

CVE-2014-9430

CVE-2014-9430 describes a cross-site scripting (XSS) vulnerability in Smoothwall Express 3.0 SP3, specifically in the file httpd/cgi-bin/vpn.cgi/vpnconfig.dat where an attacker can inject arbitrary web script or HTML via the COMMENT parameter in an Add action. Multiple connected records corrobora...

4.3CVSS5.8AI score0.01427EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2014/12/31 10:0 p.m.40 views

CVE-2011-5284

CVE-2011-5284 describes a Cross-site Request Forgery vulnerability in Smoothwall Express 3.1 and 3.0 SP3 and earlier, specifically in the web management interface’s httpd/cgi-bin/shutdown.cgi. The vulnerability allows an attacker to hijack an administrator’s authenticated session to perform reboo...

6.8CVSS7.3AI score0.02268EPSS
Exploits1References4Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

SmoothWall Express 3.0 - Multiple Vulnerabilities

No description provided by source. The web management interface of SmoothWall Express 3.0 is vulnerable to xss and csrf. xss example: html title SmoothWall Express 3.0 xss /title body form action=http://192.168.0.1:81/cgi-bin/ipinfo.cgi; method=post id=xssplz input type=hidden name=IP...

7.1AI score
Exploits0
0day.today
0day.today
added 2011/01/18 12:0 a.m.27 views

SmoothWall Express 3.0 Multiple Vulnerabilities

Exploit for cgi platform in category web applications The web management interface of SmoothWall Express 3.0 is vulnerable to xss and csrf. xss example: SmoothWall Express 3.0 xss alert1;' document.getElementById"xssplz".submit; csrf example: SmoothWall Express 3.0 csrf...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2011/01/17 12:0 a.m.16 views

SmoothWall Express 3.0 - Multiple Vulnerabilities

SmoothWall Express 3.0 - Multiple Vulnerabilities The web management interface of SmoothWall Express 3.0 is vulnerable to xss and csrf. xss example: SmoothWall Express 3.0 xss alert1;' document.getElementById"xssplz".submit; csrf example: SmoothWall Express 3.0 csrf...

0.7AI score
Exploits0
Exploit DB
Exploit DB
added 2011/01/17 12:0 a.m.43 views

SmoothWall Express 3.0 - Multiple Vulnerabilities

The web management interface of SmoothWall Express 3.0 is vulnerable to xss and csrf. xss example: SmoothWall Express 3.0 xss alert1;' document.getElementById"xssplz".submit; csrf example: SmoothWall Express 3.0 csrf document.getElementById"csrfplz".submit;...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2011/01/16 12:0 a.m.20 views

SmoothWall Express 3.0 Cross Site Request Forgery / Cross Site Scripting

The web management interface of SmoothWall Express 3.0 is vulnerable to xss and csrf. xss example: SmoothWall Express 3.0 xss alert1;' document.getElementById"xssplz".submit; csrf example: SmoothWall Express 3.0 csrf document.getElementById"csrfplz".submit; -- Something's rotten in the state of...

0.5AI score
Exploits0
Rows per page
Query Builder