Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2025/08/30 6:21 p.m.0 views

CVE-2025-50976

IPFire 2.29 DNS management interface dns.cgi fails to properly sanitize user-supplied input in the NAMESERVER, REMARK, and TLSHOSTNAME query parameters, resulting in a reflected cross-site scripting XSS vulnerability...

6.1CVSS6AI score0.00059EPSS
Exploits1References1
OSV
OSVadded 2025/08/26 6:15 p.m.0 views

CVE-2025-50976

IPFire 2.29 DNS management interface dns.cgi fails to properly sanitize user-supplied input in the NAMESERVER, REMARK, and TLSHOSTNAME query parameters, resulting in a reflected cross-site scripting XSS vulnerability...

6.1CVSS5.6AI score
Exploits0References1
NVD
NVDadded 2025/08/26 5:15 p.m.1 views

CVE-2025-50974

The Calamaris log exporter CGI /cgi-bin/logs.cgi/calamaris.dat in IPFire 2.29 does not properly sanitize user-supplied input before incorporating parameter values into a shell command. An unauthenticated remote attacker can inject arbitrary OS commands by embedding shell metacharacters in any of...

6.5CVSS0.00113EPSS
Exploits1References1
OSV
OSVadded 2025/08/26 5:15 p.m.0 views

CVE-2025-50974

The Calamaris log exporter CGI /cgi-bin/logs.cgi/calamaris.dat in IPFire 2.29 does not properly sanitize user-supplied input before incorporating parameter values into a shell command. An unauthenticated remote attacker can inject arbitrary OS commands by embedding shell metacharacters in any of...

6.5CVSS5.9AI score
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/08/26 12:0 a.m.1 views

CVE-2025-50976

IPFire 2.29 DNS management interface dns.cgi fails to properly sanitize user-supplied input in the NAMESERVER, REMARK, and TLSHOSTNAME query parameters, resulting in a reflected cross-site scripting XSS vulnerability...

6.1AI score0.00059EPSS
Exploits1References1
Cvelist
Cvelistadded 2025/08/26 12:0 a.m.4 views

CVE-2025-50974

The Calamaris log exporter CGI /cgi-bin/logs.cgi/calamaris.dat in IPFire 2.29 does not properly sanitize user-supplied input before incorporating parameter values into a shell command. An unauthenticated remote attacker can inject arbitrary OS commands by embedding shell metacharacters in any of...

0.00113EPSS
Exploits1References1
CVE
CVEadded 2025/08/26 12:0 a.m.12 views

CVE-2025-50976

IPFire 2.29 DNS management interface (dns.cgi) is affected by a reflected XSS due to insufficient sanitization of user input in the NAMESERVER, REMARK, and TLS_HOSTNAME query parameters. The root cause is improper input handling in dns.cgi, enabling reflected XSS payloads. Documented impact is li...

6.1CVSS5.7AI score0.00059EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2025/08/26 12:0 a.m.1 views

CVE-2025-50974

The Calamaris log exporter CGI /cgi-bin/logs.cgi/calamaris.dat in IPFire 2.29 does not properly sanitize user-supplied input before incorporating parameter values into a shell command. An unauthenticated remote attacker can inject arbitrary OS commands by embedding shell metacharacters in any of...

7.7AI score0.00113EPSS
Exploits1References1
Rows per page
Query Builder