10 matches found
CVE-2019-25407
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the backup schedule interface. Attackers can send POST requests to the backupschedule endpoint with JavaScript code in the BACKUPRCPT...
CVE-2019-25407
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the backup schedule interface. Attackers can send POST requests to the backupschedule endpoint with JavaScript code in the BACKUPRCPT...
CVE-2019-25407 Comodo Dome Firewall 2.7.0 Cross-Site Scripting via backupschedule
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the backup schedule interface. Attackers can send POST requests to the backupschedule endpoint with JavaScript code in the BACKUPRCPT...
CVE-2019-25407
CVE-2019-25407 concerns Comodo Dome Firewall 2.7.0, where a reflected cross-site scripting vulnerability exists in the backupschedule interface. The issue allows an attacker to submit crafted input via POST to the backupschedule endpoint (BACKUP_RCPTTO) to execute arbitrary JavaScript in end user...
CVE-2019-25407
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the backup schedule interface. Attackers can send POST requests to the backupschedule endpoint with JavaScript code in the BACKUPRCPT...
PT-2026-20810
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the backup schedule interface. Attackers can send POST requests to the backupschedule endpoint with JavaScript code in the BACKUP...
Comodo Dome Firewall 跨站脚本漏洞
Comodo Dome Firewall is a unified threat management and next-generation firewall provided by the Chinese company Comodo. Version 2.7.0 of Comodo Dome Firewall contains a cross-site scripting vulnerability. This vulnerability stems from improper cleaning of the BACKUPRCPTTO parameter input in the...
CVE-2024-3796 Cross-site Scripting vulnerability in WBSAirback
Vulnerability in WBSAirback 21.02.04, which consists of a stored Cross-Site Scripting XSS through /admin/BackupSchedule, description field. Exploitation of this vulnerability could allow a remote user to send a specially crafted URL to the victim and steal their session data...
CVE-2024-3796
CVE-2024-3796 affects WBSAirback 21.02.04 with a stored XSS in the /admin/BackupSchedule endpoint (description field). A remote attacker could send a crafted URL to steal session data. Exploitation details are not confirmed in all sources, but PT-2024-27865 recommends disabling access to the /adm...
Comodo KORUGAN LITE 1.6.5.1024 Cross Site Scripting
Exploit Title: Comodo KORUGAN LITE 1.6.5.1024 | Cross-Site Scripting Date: 18.01.2019 Exploit Author: Ozer Goker Vendor Homepage: https://www.korugan.com/koruganlite.php Software Link: https://download.comodo.com/korugan/Korugan-Lite.ova Version: 1.6.5.1024 Introduction Korugan Unified Threat...