12 matches found
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14283)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the hosts.cgi script in the IP, HOSTNAME or COMMENT parameter on the user-supplied data lack of effective filtering and...
CVE-2019-25397
IPFire 2.21 Core Update 127 contains multiple reflected cross-site scripting vulnerabilities in the hosts.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests with script payloads in the KEY1, IP, HOST, or DOM parameters to...
CVE-2019-25397
CVE-2019-25397 describes multiple reflected cross-site scripting vulnerabilities in hosts.cgi within IPFire 2.21 Core Update 127. Attackers can submit POST payloads in KEY1, IP, HOST, or DOM to execute arbitrary JavaScript in a user’s browser. Impact is reflected XSS with potential user interacti...
CVE-2019-25397 IPFire 2.21 Core Update 127 Cross-Site Scripting via hosts.cgi
IPFire 2.21 Core Update 127 contains multiple reflected cross-site scripting vulnerabilities in the hosts.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests with script payloads in the KEY1, IP, HOST, or DOM parameters to...
IPFire 跨站脚本漏洞
IPFire is an open-source Linux distribution developed by the IPFire organization. It is primarily used as a router and firewall. Version 127 of IPFire 2.21 Core Update contains a cross-site scripting vulnerability. This vulnerability stems from insufficient validation of KEY1, IP, HOST, or DOM...
PT-2026-20499
IPFire 2.21 Core Update 127 contains multiple reflected cross-site scripting vulnerabilities in the hosts.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests with script payloads in the KEY1, IP, HOST, or DOM parameters to...
CVE-2019-25381
Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the hosts.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests to the hosts.cgi endpoint with script payload...
CVE-2019-25381 Smoothwall Express 3.1 'hosts.cgi' Cross-Site Scripting
Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the hosts.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests to the hosts.cgi endpoint with script payload...
CVE-2019-25381
CVE-2019-25381 affects Smoothwall Express 3.1-SP4-polar-x86_64-update9, where the script hosts.cgi is vulnerable to multiple reflected cross-site scripting flaws. The vulnerability arises from unvalidated parameters in hosts.cgi, allowing an attacker to inject script payloads via POST requests us...
CVE-2019-25381 Smoothwall Express 3.1 'hosts.cgi' Cross-Site Scripting
Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the hosts.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests to the hosts.cgi endpoint with script payload...
PT-2026-8364
Smoothwall Express 3.1-SP4-polar-x86 64-update9 contains multiple reflected cross-site scripting vulnerabilities in the hosts.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests to the hosts.cgi endpoint with script payloa...
Smoothwall Express 跨站脚本漏洞
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express cross-site scripting vulnerability , the vulnerability stems from the hosts.cgi script in the IP, HOSTNAME or COMMENT parameter on the user-supplied data lack of effective filtering and...