3 matches found
CVE-2026-34816 Endian Firewall /manage/smtpscan/domainrouting/ domain Stored Cross-Site Scripting
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the domain parameter to /manage/smtpscan/domainrouting/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...
H3C GR-3000AX 安全漏洞
The H3C GR-3000AX is an enterprise-grade Wi-Fi 6 wireless router from China's Xinhua San H3C. A security vulnerability exists in the H3C GR-3000AX V100R007L50 version, which originates from a buffer overflow due to incorrect operation of the parameter param in the file /routing/goform/aspForm...
CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/
Description The Introduction of a New Line Character lets the attacker the stack trace at demo.microweber.org/ This Attack becomes more significant because of its Less complication. The Stack trace discloses following information : 1. Backend Response code. 2. The Versions of Backend Laravel...