Smoothwall Express Cross-Site Scripting Vulnerability (CNVD-2026-14374)

Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the preferences.cgi script on the HOSTNAME, KEYMAP and OPENNESS parameters of the user-supplied data lack of...

CVE-2019-25395

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple stored cross-site scripting vulnerabilities in the preferences.cgi script that allow attackers to inject malicious scripts through the HOSTNAME, KEYMAP, and OPENNESS parameters. Attackers can submit POST requests with script payload...

CVE-2019-25395

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple stored cross-site scripting vulnerabilities in the preferences.cgi script that allow attackers to inject malicious scripts through the HOSTNAME, KEYMAP, and OPENNESS parameters. Attackers can submit POST requests with script payload...

CVE-2019-25395 Smoothwall Express 3.1 'preferences.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple stored cross-site scripting vulnerabilities in the preferences.cgi script that allow attackers to inject malicious scripts through the HOSTNAME, KEYMAP, and OPENNESS parameters. Attackers can submit POST requests with script payload...

CVE-2019-25395

CVE-2019-25395 affects Smoothwall Express 3.1-SP4-polar-x86_64-update9. The vulnerability is a stored cross-site scripting flaw in preferences.cgi, exploitable via POST requests that inject payloads through HOSTNAME, KEYMAP, and OPENNESS parameters. The attacker can store malicious script on the ...

CVE-2019-25395

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple stored cross-site scripting vulnerabilities in the preferences.cgi script that allow attackers to inject malicious scripts through the HOSTNAME, KEYMAP, and OPENNESS parameters. Attackers can submit POST requests with script payload...

CVE-2019-25395 Smoothwall Express 3.1 'preferences.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple stored cross-site scripting vulnerabilities in the preferences.cgi script that allow attackers to inject malicious scripts through the HOSTNAME, KEYMAP, and OPENNESS parameters. Attackers can submit POST requests with script payload...

Smoothwall Express 跨站脚本漏洞

Smoothwall Express is Smoothwall open source a GNU/Linux-based firewall operating system . Smoothwall Express has a cross-site scripting vulnerability , the vulnerability stems from the preferences.cgi script on the HOSTNAME, KEYMAP and OPENNESS parameters of the user-supplied data lack of...

PT-2026-8377

Smoothwall Express 3.1-SP4-polar-x86 64-update9 contains multiple stored cross-site scripting vulnerabilities in the preferences.cgi script that allow attackers to inject malicious scripts through the HOSTNAME, KEYMAP, and OPENNESS parameters. Attackers can submit POST requests with script payloa...

A week in security (October 20 – October 26)

Last week on Malwarebytes Labs: Is AI moving faster than its safety net? Thousands of online stores at risk as SessionReaper attacks spread Apple may have to open its walled garden to outside app stores Meta boosts scam protection on WhatsApp and Messenger Home Depot Halloween phish gives users a...

On the Virtues of Information Security in the UK Climate Movement

We report on an ethnographic study with members of the climate movement in the United Kingdom UK. We conducted participant observation and interviews at protests and in various activist settings. Reporting on the findings as they relate to information security, we show that members of the UK...

burobd.org Cross Site Scripting vulnerability OBB-3365206

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

5 Things Rapid7 Looks for in a BDR, and How We Spot Them

Every successful organization has a great salesforce. At Rapid7, the Business Development Representative BDR Program is a huge source of talent for our sales organization. Some of our most successful salespeople come from the program. So, what is it? The BDR Program at Rapid7 is an entry-level...

Product portals open: we want your input

SonarSource was born from open source software and most of what we do remains FLOSS, so openness and transparency have always been fundamental principles. With a recent change in how we approach product management, we've gone even further. We've recently opened up product portals on Productboard...

blog.activ-investment.eu XSS vulnerability

Open Bug Bounty ID: OBB-568414 Description| Value ---|--- Affected Website:| blog.activ-investment.eu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| WordPress Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

openness.microsoft.com XSS vulnerability

Vulnerable URL: http://openness.microsoft.com/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alertOPENBUGBOUNTY Details: Description| Value ---|--- Patched:| Yes, at 01.06.2016 Latest check for patch:| 01.06.2016 00:48 GMT Vulnerability type:| XSS Vulnerability status:| Public...

University Data Breaches Pose Threat to Students, Academic Openness

North Dakota State University administrators confirmed last week that hackers never accessed the personal information of more than 200,000 students, faculty and staff housed on the server they successfully infiltrated. This attack perfectly suits the modern hackers MO. They attack open systems...