Lucene search
K

7 matches found

OSV
OSV
added 2026/02/19 1:16 p.m.3 views

CVE-2019-25405

Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the newLicense parameter. Attackers can send POST requests to the license activation endpoint with script payloads in the newLicense fie...

5.4CVSS5.9AI score0.00296EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/19 12:2 p.m.6 views

CVE-2019-25405

Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the newLicense parameter. Attackers can send POST requests to the license activation endpoint with script payloads in the newLicense fie...

7.2CVSS5.6AI score0.00296EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/02/19 12:2 p.m.27 views

CVE-2019-25405 Comodo Dome Firewall 2.7.0 Stored Cross-Site Scripting via license_activation

Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the newLicense parameter. Attackers can send POST requests to the license activation endpoint with script payloads in the newLicense fie...

7.2CVSS0.00296EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.4 views

PT-2026-20808

Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the newLicense parameter. Attackers can send POST requests to the license activation endpoint with script payloads in the newLicense fie...

7.2CVSS5.6AI score0.00296EPSS
Exploits1References4
NVD
NVD
added 2023/03/10 8:15 p.m.25 views

CVE-2023-1335

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the ucssconnect function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access t...

4.3CVSS4.2AI score0.00548EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/03/10 7:20 p.m.26 views

CVE-2023-1335 RapidLoad Power-Up for Autoptimize <= 1.7.1 - Missing Authorization in 'ucss_connect'

The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the ucssconnect function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access t...

4.3CVSS4.6AI score0.00548EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2020/04/14 7:0 a.m.63 views

Cumulative Update 18 for Microsoft Dynamics 365 Business Central October'18 on-premises (Application Build 41909, Platform Build 41879)

None None...

8CVSS7.1AI score0.06831EPSS
Exploits0
Rows per page
Query Builder