CVE-2025-67259

A Broken Access Control vulnerability exists in ClassroomIO v0.1.13 where an authenticated low-privileged "student" user can access unauthorized course-level information by modifying intercepted API requests. Changing a captured POST request to a GET request against the /rest/v1/course PostgREST...

Vvveb 安全漏洞

Vvveb is a powerful and easy-to-use CMS developed by Givan’s individual developers. It is used to build websites, blogs, or e-commerce stores. Versions of Vvveb prior to 1.0.8.1 contained security vulnerabilities. These vulnerabilities stemmed from an issue with the endpoint where administrator...

OpenClaw has an unspecified vulnerability (CNVD-2026-16694)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that can be exploited by an attacker to cause an authenticated operator with only operator.write privileges to access the administrator-specific browser profile management rout...

CVE-2019-25403

Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to the comment parameter. Attackers can inject JavaScript code through the adminprofiles endpoint that executes in the browse...

CVE-2019-25403

Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to the comment parameter. Attackers can inject JavaScript code through the adminprofiles endpoint that executes in the browse...

CVE-2019-25403

CVE-2019-25403 affects Comodo Dome Firewall 2.7.0 via a stored cross-site scripting (XSS) vulnerability in the admin_profiles endpoint. An authenticated attacker can submit crafted input in the comment parameter, causing malicious JavaScript to execute in the browsers of other users who view the ...

CVE-2019-25403 Comodo Dome Firewall 2.7.0 Stored Cross-Site Scripting via admin_profiles

Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to the comment parameter. Attackers can inject JavaScript code through the adminprofiles endpoint that executes in the browse...

CVE-2019-25403

Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to the comment parameter. Attackers can inject JavaScript code through the adminprofiles endpoint that executes in the browse...

CVE-2019-25403 Comodo Dome Firewall 2.7.0 Stored Cross-Site Scripting via admin_profiles

Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to the comment parameter. Attackers can inject JavaScript code through the adminprofiles endpoint that executes in the browse...

Comodo Dome Firewall 跨站脚本漏洞

Comodo Dome Firewall is a unified threat management and next-generation firewall provided by the Chinese company Comodo. Version 2.7.0 of Comodo Dome Firewall contains a cross-site scripting vulnerability. This vulnerability stems from insufficient input validation for the comment parameter in th...

PT-2026-20806

Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to the comment parameter. Attackers can inject JavaScript code through the admin profiles endpoint that executes in the...