Lucene search
+L

311 matches found

NVD
NVD
added 2026/02/19 1:16 p.m.5 views

CVE-2019-25412

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input through the NTPSERVERLIST parameter. Attackers can send POST requests to the /korugan/time endpoint with script payloads in the...

6.1CVSS0.0033EPSS
Exploits1References4
NVD
NVD
added 2026/02/19 1:16 p.m.8 views

CVE-2019-25410

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through the source and destination parameters. Attackers can submit POST requests to the policy routing endpoint with script payloads in these parameters to execute...

6.1CVSS0.0034EPSS
Exploits1References4
NVD
NVD
added 2026/02/19 1:16 p.m.10 views

CVE-2019-25413

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the ID parameter. Attackers can craft requests to the /manage/ips/rules/ endpoint with script payloads in the ID parameter to execut...

6.1CVSS0.00384EPSS
Exploits1References4
OSV
OSV
added 2026/02/19 1:16 p.m.7 views

CVE-2019-25412

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input through the NTPSERVERLIST parameter. Attackers can send POST requests to the /korugan/time endpoint with script payloads in the...

5.1CVSS5.9AI score0.0033EPSS
Exploits1References4
OSV
OSV
added 2026/02/19 1:16 p.m.5 views

CVE-2019-25407

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the backup schedule interface. Attackers can send POST requests to the backupschedule endpoint with JavaScript code in the BACKUPRCPT...

5.1CVSS6AI score0.00395EPSS
Exploits1References4
OSV
OSV
added 2026/02/19 1:16 p.m.6 views

CVE-2019-25404

Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input through admin management parameters. Attackers can inject script payloads in the adminname, name, and surname parameters via...

5.4CVSS5.7AI score0.00301EPSS
Exploits1References4
OSV
OSV
added 2026/02/19 1:16 p.m.2 views

CVE-2019-25406

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the organization parameter. Attackers can send POST requests to the korugan/cmclient endpoint with script payloads in the organization parameter to...

5.1CVSS5.9AI score0.0034EPSS
Exploits1References4
NVD
NVD
added 2026/02/19 1:16 p.m.10 views

CVE-2019-25405

Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the newLicense parameter. Attackers can send POST requests to the license activation endpoint with script payloads in the newLicense fie...

7.2CVSS0.00296EPSS
Exploits1References4
NVD
NVD
added 2026/02/19 1:16 p.m.5 views

CVE-2019-25406

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the organization parameter. Attackers can send POST requests to the korugan/cmclient endpoint with script payloads in the organization parameter to...

6.1CVSS0.0034EPSS
Exploits1References4
NVD
NVD
added 2026/02/19 1:16 p.m.9 views

CVE-2019-25408

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the netmaskaddr parameter. Attackers can send POST requests to the netwizard2 endpoint with script payloads in the netmaskaddr...

6.1CVSS0.0034EPSS
Exploits1References4
NVD
NVD
added 2026/02/19 1:16 p.m.6 views

CVE-2019-25404

Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input through admin management parameters. Attackers can inject script payloads in the adminname, name, and surname parameters via...

6.4CVSS0.00301EPSS
Exploits1References4
NVD
NVD
added 2026/02/19 1:16 p.m.8 views

CVE-2019-25407

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the backup schedule interface. Attackers can send POST requests to the backupschedule endpoint with JavaScript code in the BACKUPRCPT...

6.1CVSS0.00395EPSS
Exploits1References4
OSV
OSV
added 2026/02/19 1:16 p.m.8 views

CVE-2019-25403

Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to the comment parameter. Attackers can inject JavaScript code through the adminprofiles endpoint that executes in the browse...

5.4CVSS5.8AI score0.0029EPSS
Exploits1References4
NVD
NVD
added 2026/02/19 1:16 p.m.7 views

CVE-2019-25403

Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to the comment parameter. Attackers can inject JavaScript code through the adminprofiles endpoint that executes in the browse...

6.4CVSS0.0029EPSS
Exploits1References4
OSV
OSV
added 2026/02/19 1:16 p.m.6 views

CVE-2019-25402

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the username parameter. Attackers can send POST requests to the login endpoint with script payloads in the username...

5.1CVSS5.9AI score0.00384EPSS
Exploits1References4
NVD
NVD
added 2026/02/19 1:16 p.m.8 views

CVE-2019-25402

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the username parameter. Attackers can send POST requests to the login endpoint with script payloads in the username...

6.1CVSS0.00384EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/02/19 12:2 p.m.33 views

CVE-2019-25430 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via vpn_users

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the username parameter. Attackers can send POST requests to the vpnusers endpoint with script payloads in the usernam...

6.1CVSS0.00369EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/02/19 12:2 p.m.6 views

CVE-2019-25430 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via vpn_users

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the username parameter. Attackers can send POST requests to the vpnusers endpoint with script payloads in the usernam...

6.1CVSS5.6AI score0.00369EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/19 12:2 p.m.5 views

CVE-2019-25430

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the username parameter. Attackers can send POST requests to the vpnusers endpoint with script payloads in the usernam...

6.1CVSS5.6AI score0.00369EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/02/19 12:2 p.m.20 views

CVE-2019-25430

Comodo Dome Firewall 2.7.0 is affected by a reflected XSS in the vpn_users endpoint. An unauthenticated attacker can submit crafted input in the username parameter via a POST request to trigger arbitrary JavaScript in a victim’s browser. CVSS v4.0 and v3.1 vectors are provided, with base scores o...

6.1CVSS5.6AI score0.00369EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder