197 matches found
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14290)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the iptools.cgi endpoint IP parameters of the user-supplied data lack of effective filtering and escaping , an...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14286)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the apcupsd.cgi script multiple POST parameters on the user-supplied data lack of effective filtering and escaping ...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14354)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the outgoing.cgi endpoint in the MACHINE and MACHINECOMMENT parameters of the user-supplied data lack of effective...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14284)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the timedaccess.cgi endpoint MACHINES parameter on the user-supplied data lack of effective filtering and escaping , an...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14283)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the hosts.cgi script in the IP, HOSTNAME or COMMENT parameter on the user-supplied data lack of effective filtering and...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14287)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the ipblock.cgi endpoint of the SRCIP and COMMENT parameters of the user-supplied data lack of effective filtering and...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14367)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the xtaccess.cgi endpoint EXT, DESTPORT or COMMENT parameter on the user-supplied data lack of effective filtering...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14289)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the smoothinfo.cgi endpoint WRAP or SECTIONTITLE parameter on the user-supplied data lack of effective filtering an...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14374)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the preferences.cgi script on the HOSTNAME, KEYMAP and OPENNESS parameters of the user-supplied data lack of...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14285)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability. The vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the NTPSERVER parameter of the time.cgi...
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14345)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express suffers from a cross-site scripting vulnerability that originates from the interfaces.cgi script to GREENADDRESS, GREENNETMASK, REDDHCPHOSTNAME, REDADDRESS, DNS1OVERRIDE, DNS2 OVERRIDE,...
Smoothwall Express Cross-Site Scripting Vulnerability
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the modem.cgi script for INIT, HANGUP, SPEAKERON, SPEAKEROFF, TONEDIAL and PULSEDIAL parameters of the user-supplied data...
CVE-2019-25395
Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple stored cross-site scripting vulnerabilities in the preferences.cgi script that allow attackers to inject malicious scripts through the HOSTNAME, KEYMAP, and OPENNESS parameters. Attackers can submit POST requests with script payload...
CVE-2019-25393
Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by exploiting insufficient input validation. Attackers can submit POST requests to the smoothinfo.cgi endpoint with script...
CVE-2019-25394
Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple stored cross-site scripting vulnerabilities in the modem.cgi script that allow attackers to inject malicious scripts through POST parameters. Attackers can submit crafted payloads in parameters like INIT, HANGUP, SPEAKERON,...
CVE-2019-25393
Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by exploiting insufficient input validation. Attackers can submit POST requests to the smoothinfo.cgi endpoint with script...
CVE-2019-25395
Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple stored cross-site scripting vulnerabilities in the preferences.cgi script that allow attackers to inject malicious scripts through the HOSTNAME, KEYMAP, and OPENNESS parameters. Attackers can submit POST requests with script payload...
CVE-2019-25394
Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple stored cross-site scripting vulnerabilities in the modem.cgi script that allow attackers to inject malicious scripts through POST parameters. Attackers can submit crafted payloads in parameters like INIT, HANGUP, SPEAKERON,...
CVE-2019-25386
Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the dmzholes.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests with script payloads in the SRCIP, DESTIP,...
CVE-2019-25387
Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the xtaccess.cgi endpoint. Attackers can inject script payloads through the EXT, DESTPORT, or...