8 matches found
Endian Firewall remark parameter cross-site scripting vulnerability (CNVD-2026-18411)
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /cgi-bin/dnat.cgi, and can be exploited by an attacker to inject malicious JavaScri...
EUVD-2026-18292
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/dnat.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...
CVE-2026-34805
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/dnat.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...
CVE-2026-34805 Endian Firewall /cgi-bin/dnat.cgi remark Stored Cross-Site Scripting
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/dnat.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...
PT-2026-29765
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/dnat.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...
Endian Firewall 跨站脚本漏洞
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /cgi-bin/dnat.cgi, and can be exploited by an attacker to inject malicious JavaScri...
CVE-2012-4923
Multiple cross-site scripting XSS vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the 1 createrule parameter to dnat.cgi, 2 addrule parameter to dansguardian.cgi, or 3 PATHINFO to openvpnusers.cgi...
CVE-2012-4923
Multiple cross-site scripting XSS vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the 1 createrule parameter to dnat.cgi, 2 addrule parameter to dansguardian.cgi, or 3 PATHINFO to openvpnusers.cgi...