Lucene search
+L

209 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/16 5:4 p.m.6 views

CVE-2019-25385

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the MACHINE and MACHINECOMMENT parameters. Attackers can send POST requests to the outgoing.cgi endpoint with script payloads to...

6.1CVSS5.6AI score0.00225EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/02/16 5:4 p.m.28 views

CVE-2019-25384 Smoothwall Express 3.1 'portfw.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the portfw.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests with script payloads in the EXT, SRCPORTSEL,...

6.1CVSS0.00225EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/16 5:4 p.m.4 views

CVE-2019-25384

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the portfw.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests with script payloads in the EXT, SRCPORTSEL,...

6.1CVSS5.6AI score0.00225EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/16 5:4 p.m.3 views

CVE-2019-25384 Smoothwall Express 3.1 'portfw.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the portfw.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests with script payloads in the EXT, SRCPORTSEL,...

6.1CVSS5.6AI score0.00225EPSS
Exploits1References3
CVE
CVE
added 2026/02/16 5:4 p.m.16 views

CVE-2019-25384

CVE-2019-25384 affects Smoothwall Express 3.1-SP4-polar-x86_64-update9, with multiple reflected XSS vulnerabilities in portfw.cgi. The XSS is triggered by unvalidated parameters (EXT, SRC_PORT_SEL, SRC_PORT, DEST_IP, DEST_PORT_SEL, COMMENT) via POST requests, allowing execution of arbitrary JavaS...

6.1CVSS5.6AI score0.00225EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/16 5:4 p.m.4 views

CVE-2019-25383 Smoothwall Express 3.1 'apcupsd.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the apcupsd.cgi script that allow attackers to inject malicious scripts through multiple POST parameters. Attackers can submit crafted POST requests with script payloads in parameter...

6.1CVSS5.6AI score0.00225EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/02/16 5:4 p.m.29 views

CVE-2019-25383 Smoothwall Express 3.1 'apcupsd.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the apcupsd.cgi script that allow attackers to inject malicious scripts through multiple POST parameters. Attackers can submit crafted POST requests with script payloads in parameter...

6.1CVSS0.00225EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/16 5:4 p.m.6 views

CVE-2019-25383

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the apcupsd.cgi script that allow attackers to inject malicious scripts through multiple POST parameters. Attackers can submit crafted POST requests with script payloads in parameter...

6.1CVSS5.6AI score0.00225EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/02/16 5:4 p.m.14 views

CVE-2019-25383

CVE-2019-25383 affects Smoothwall Express 3.1-SP4-polar-x86_64-update9. The vulnerability is a set of reflected cross-site scripting flaws in apcupsd.cgi, allowing an attacker to inject arbitrary JavaScript in victim browsers by crafting POST requests with payloads in parameters such as BATTLEVEL...

6.1CVSS5.6AI score0.00225EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/02/16 5:4 p.m.30 views

CVE-2019-25382 Smoothwall Express 3.1 'time.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the NTPSERVER parameter. Attackers can send POST requests to the time.cgi endpoint with script payloads in the...

6.1CVSS0.00254EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/16 5:4 p.m.7 views

CVE-2019-25382

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the NTPSERVER parameter. Attackers can send POST requests to the time.cgi endpoint with script payloads in the...

6.1CVSS5.6AI score0.00254EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/16 5:4 p.m.2 views

CVE-2019-25382 Smoothwall Express 3.1 'time.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the NTPSERVER parameter. Attackers can send POST requests to the time.cgi endpoint with script payloads in the...

6.1CVSS5.6AI score0.00254EPSS
Exploits1References3
CVE
CVE
added 2026/02/16 5:4 p.m.23 views

CVE-2019-25382

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability in the time.cgi endpoint, exploitable via POST requests to the NTP_SERVER parameter to execute arbitrary JavaScript in users’ browsers. CVSSv3.1 base score 6.1, scope changed, impact on confide...

6.1CVSS5.6AI score0.00254EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/16 5:4 p.m.5 views

CVE-2019-25381

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the hosts.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests to the hosts.cgi endpoint with script payload...

6.1CVSS5.6AI score0.00225EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/02/16 5:4 p.m.26 views

CVE-2019-25381 Smoothwall Express 3.1 'hosts.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the hosts.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests to the hosts.cgi endpoint with script payload...

6.1CVSS0.00225EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/02/16 5:4 p.m.6 views

CVE-2019-25381 Smoothwall Express 3.1 'hosts.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the hosts.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests to the hosts.cgi endpoint with script payload...

6.1CVSS5.6AI score0.00225EPSS
Exploits1References3
CVE
CVE
added 2026/02/16 5:4 p.m.22 views

CVE-2019-25381

CVE-2019-25381 affects Smoothwall Express 3.1-SP4-polar-x86_64-update9, where the script hosts.cgi is vulnerable to multiple reflected cross-site scripting flaws. The vulnerability arises from unvalidated parameters in hosts.cgi, allowing an attacker to inject script payloads via POST requests us...

6.1CVSS5.6AI score0.00225EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/16 5:4 p.m.5 views

CVE-2019-25380

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the dhcp.cgi script that allow attackers to inject malicious scripts through multiple parameters. Attackers can submit POST requests to dhcp.cgi with script payloads in parameters su...

6.1CVSS5.6AI score0.00225EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/16 5:4 p.m.5 views

CVE-2019-25379

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains stored and reflected cross-site scripting vulnerabilities in the urlfilter.cgi endpoint that allow attackers to inject malicious scripts. Attackers can submit POST requests with script payloads in the REDIRECTPAGE or CHILDREN parameters to...

7.2CVSS5.6AI score0.0025EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/16 5:4 p.m.3 views

CVE-2019-25379 Smoothwall Express 3.1 'urlfilter.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains stored and reflected cross-site scripting vulnerabilities in the urlfilter.cgi endpoint that allow attackers to inject malicious scripts. Attackers can submit POST requests with script payloads in the REDIRECTPAGE or CHILDREN parameters to...

7.2CVSS5.6AI score0.0025EPSS
Exploits1References3
Rows per page
Query Builder