259 matches found
Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14285)
Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability. The vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the NTPSERVER parameter of the time.cgi...
CVE-2019-25412 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via NTP_SERVER_LIST
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input through the NTPSERVERLIST parameter. Attackers can send POST requests to the /korugan/time endpoint with script payloads in the...
CVE-2019-25412
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input through the NTPSERVERLIST parameter. Attackers can send POST requests to the /korugan/time endpoint with script payloads in the...
CVE-2019-25412 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via NTP_SERVER_LIST
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input through the NTPSERVERLIST parameter. Attackers can send POST requests to the /korugan/time endpoint with script payloads in the...
Comodo Dome Firewall 跨站脚本漏洞
Comodo Dome Firewall is a unified threat management and next-generation firewall provided by the Chinese company Comodo. Version 2.7.0 of Comodo Dome Firewall contains a cross-site scripting vulnerability. This vulnerability stems from improper cleaning of the NTPSERVERLIST parameter input in the...
CVE-2019-25382
Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the NTPSERVER parameter. Attackers can send POST requests to the time.cgi endpoint with script payloads in the...
CVE-2019-25382
Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the NTPSERVER parameter. Attackers can send POST requests to the time.cgi endpoint with script payloads in the...
CVE-2019-25382 Smoothwall Express 3.1 'time.cgi' Cross-Site Scripting
Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the NTPSERVER parameter. Attackers can send POST requests to the time.cgi endpoint with script payloads in the...
CVE-2019-25382
Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the NTPSERVER parameter. Attackers can send POST requests to the time.cgi endpoint with script payloads in the...
CVE-2019-25382 Smoothwall Express 3.1 'time.cgi' Cross-Site Scripting
Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the NTPSERVER parameter. Attackers can send POST requests to the time.cgi endpoint with script payloads in the...
PT-2026-8365
Smoothwall Express 3.1-SP4-polar-x86 64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the NTP SERVER parameter. Attackers can send POST requests to the time.cgi endpoint with script payloads in the...
CVE-2020-36910
Cayin Signage Media Player 3.0 contains an authenticated remote command injection vulnerability in system.cgi and wizardsystem.cgi pages. Attackers can exploit the 'NTPServerIP' parameter with default credentials to execute arbitrary shell commands as root...
CVE-2020-36910 Cayin Signage Media Player 3.0 Authenticated Remote Command Injection via NTP Parameter
Cayin Signage Media Player 3.0 contains an authenticated remote command injection vulnerability in system.cgi and wizardsystem.cgi pages. Attackers can exploit the 'NTPServerIP' parameter with default credentials to execute arbitrary shell commands as root...
CVE-2020-36910 Cayin Signage Media Player 3.0 Authenticated Remote Command Injection via NTP Parameter
Cayin Signage Media Player 3.0 contains an authenticated remote command injection vulnerability in system.cgi and wizardsystem.cgi pages. Attackers can exploit the 'NTPServerIP' parameter with default credentials to execute arbitrary shell commands as root...
PT-2026-1445
Cayin Signage Media Player 3.0 contains an authenticated remote command injection vulnerability in system.cgi and wizard system.cgi pages. Attackers can exploit the 'NTP Server IP' parameter with default credentials to execute arbitrary shell commands as root...
EUVD-2020-2672
Malware in sbrugna...
EUVD-2019-5498
Malware in sbrugna...
EUVD-2006-0382
Malware in sbrugna...
EUVD-2014-5305
Malware in sbrugna...
EUVD-2020-29850
Malware in sbrugna...