27 matches found
CVE-2019-25418
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the FWADDRESSES parameter. Attackers can send POST requests to the /korugan/fwgroups endpoint with script payloads to execute arbitra...
CVE-2019-25418
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the FWADDRESSES parameter. Attackers can send POST requests to the /korugan/fwgroups endpoint with script payloads to execute arbitra...
CVE-2019-25406
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the organization parameter. Attackers can send POST requests to the korugan/cmclient endpoint with script payloads in the organization parameter to...
CVE-2019-25404
Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input through admin management parameters. Attackers can inject script payloads in the adminname, name, and surname parameters via...
CVE-2019-25404
Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input through admin management parameters. Attackers can inject script payloads in the adminname, name, and surname parameters via...
CVE-2019-25418
CVE-2019-25418 affects Comodo Dome Firewall 2.7.0, with a reflected cross-site scripting vulnerability in the FWADDRESSES parameter. Attackers can submit crafted input via POST to the /korugan/fwgroups endpoint, causing arbitrary JavaScript execution in users’ browsers and potential session data ...
CVE-2019-25418
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the FWADDRESSES parameter. Attackers can send POST requests to the /korugan/fwgroups endpoint with script payloads to execute arbitra...
CVE-2019-25418 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via fwgroups
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the FWADDRESSES parameter. Attackers can send POST requests to the /korugan/fwgroups endpoint with script payloads to execute arbitra...
CVE-2019-25418 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via fwgroups
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the FWADDRESSES parameter. Attackers can send POST requests to the /korugan/fwgroups endpoint with script payloads to execute arbitra...
CVE-2019-25412 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via NTP_SERVER_LIST
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input through the NTPSERVERLIST parameter. Attackers can send POST requests to the /korugan/time endpoint with script payloads in the...
CVE-2019-25412
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input through the NTPSERVERLIST parameter. Attackers can send POST requests to the /korugan/time endpoint with script payloads in the...
CVE-2019-25412 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via NTP_SERVER_LIST
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input through the NTPSERVERLIST parameter. Attackers can send POST requests to the /korugan/time endpoint with script payloads in the...
CVE-2019-25406 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via organization Parameter
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the organization parameter. Attackers can send POST requests to the korugan/cmclient endpoint with script payloads in the organization parameter to...
CVE-2019-25406
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the organization parameter. Attackers can send POST requests to the korugan/cmclient endpoint with script payloads in the organization parameter to...
CVE-2019-25406
Comodo Dome Firewall 2.7.0 is affected by a reflected cross-site scripting (XSS) vulnerability in the organization parameter affecting the korugan/cmclient endpoint. The attack could deliver arbitrary JavaScript in users’ browsers, with CVSS 4.0 metrics: base score 5.1 (Network, N/AC/L; user inte...
CVE-2019-25406 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via organization Parameter
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the organization parameter. Attackers can send POST requests to the korugan/cmclient endpoint with script payloads in the organization parameter to...
CVE-2019-25404 Comodo Dome Firewall 2.7.0 Stored Cross-Site Scripting via admins
Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input through admin management parameters. Attackers can inject script payloads in the adminname, name, and surname parameters via...
CVE-2019-25404
CVE-2019-25404 affects Comodo Dome Firewall 2.7.0. The vulnerability is a stored XSS in the admin interface, exploitable by an authenticated attacker who submits crafted input to /korugan/admins via POST, injecting scripts into admin_name, name, or surname. The payload is stored and executed when...
PT-2026-20815
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input through the NTP SERVER LIST parameter. Attackers can send POST requests to the /korugan/time endpoint with script payloads in the NT...
Comodo Dome Firewall 跨站脚本漏洞
Comodo Dome Firewall is a unified threat management and next-generation firewall provided by the Chinese company Comodo. Version 2.7.0 of Comodo Dome Firewall contains a cross-site scripting vulnerability. This vulnerability stems from improper cleaning of the FWADDRESSES parameter input in the...