Lucene search
K

209 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/16 5:5 p.m.5 views

CVE-2019-25390

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the interfaces.cgi script that allow attackers to inject malicious scripts through multiple parameters including GREENADDRESS, GREENNETMASK, REDDHCPHOSTNAME, REDADDRESS, DNS1OVERRIDE...

5.4CVSS5.6AI score0.00199EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/02/16 5:5 p.m.44 views

CVE-2019-25390

CVE-2019-25390 affects Smoothwall Express 3.1-SP4-polar-x86_64-update9. The vulnerability is a set of multiple reflected cross-site scripting flaws in the interfaces.cgi script, exploitable via posted parameters such as GREEN_ADDRESS, GREEN_NETMASK, RED_DHCP_HOSTNAME, RED_ADDRESS, DNS1_OVERRIDE, ...

6.1CVSS5.6AI score0.00199EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/16 5:5 p.m.4 views

CVE-2019-25390 Smoothwall Express 3.1 'interfaces.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the interfaces.cgi script that allow attackers to inject malicious scripts through multiple parameters including GREENADDRESS, GREENNETMASK, REDDHCPHOSTNAME, REDADDRESS, DNS1OVERRIDE...

5.4CVSS5.6AI score0.00199EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/02/16 5:5 p.m.30 views

CVE-2019-25390 Smoothwall Express 3.1 'interfaces.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the interfaces.cgi script that allow attackers to inject malicious scripts through multiple parameters including GREENADDRESS, GREENNETMASK, REDDHCPHOSTNAME, REDADDRESS, DNS1OVERRIDE...

5.4CVSS0.00199EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/02/16 5:5 p.m.4 views

CVE-2019-25389 Smoothwall Express 3.1 'timedaccess.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the MACHINES parameter. Attackers can craft requests to the timedaccess.cgi endpoint with script payloads in the...

6.1CVSS5.6AI score0.00244EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/16 5:5 p.m.2 views

CVE-2019-25389

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the MACHINES parameter. Attackers can craft requests to the timedaccess.cgi endpoint with script payloads in the...

6.1CVSS5.6AI score0.00244EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/02/16 5:5 p.m.16 views

CVE-2019-25389

CVE-2019-25389 affects Smoothwall Express 3.1-SP4-polar-x86_64-update9. It is a reflected cross-site scripting vulnerability in the timedaccess.cgi endpoint where an attacker can inject scripts via the MACHINES parameter to execute arbitrary JavaScript in users’ browsers. The issue is exploitable...

6.1CVSS5.6AI score0.00244EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/02/16 5:5 p.m.15 views

CVE-2019-25388

The vulnerability CVE-2019-25388 affects Smoothwall Express 3.1-SP4-polar-x86_64-update9, specifically the ipblock.cgi endpoint. It is a reflected cross-site scripting flaw where a crafted POST request can inject script tags through SRC_IP and COMMENT parameters, allowing arbitrary JavaScript exe...

6.1CVSS5.6AI score0.00244EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/16 5:5 p.m.6 views

CVE-2019-25388 Smoothwall Express 3.1 'ipblock.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the ipblock.cgi endpoint. Attackers can inject script tags through the SRCIP and COMMENT paramete...

6.1CVSS5.6AI score0.00244EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/16 5:5 p.m.4 views

CVE-2019-25388

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the ipblock.cgi endpoint. Attackers can inject script tags through the SRCIP and COMMENT paramete...

6.1CVSS5.6AI score0.00244EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/02/16 5:5 p.m.29 views

CVE-2019-25388 Smoothwall Express 3.1 'ipblock.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the ipblock.cgi endpoint. Attackers can inject script tags through the SRCIP and COMMENT paramete...

6.1CVSS0.00244EPSS
Exploits1References3
CVE
CVE
added 2026/02/16 5:5 p.m.19 views

CVE-2019-25387

Smoothwall Express 3.1-SP4-polar-x86_64-update9 is affected by a reflected cross-site scripting vulnerability in xtaccess.cgi. An unauthenticated attacker can inject JavaScript by sending crafted input to the xtaccess.cgi endpoint via POST, exploiting the EXT, DEST_PORT, or COMMENT parameters to ...

6.1CVSS5.6AI score0.00244EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/16 5:5 p.m.2 views

CVE-2019-25387 Smoothwall Express 3.1 'xtaccess.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the xtaccess.cgi endpoint. Attackers can inject script payloads through the EXT, DESTPORT, or...

6.1CVSS5.6AI score0.00244EPSS
Exploits1References3
CVE
CVE
added 2026/02/16 5:4 p.m.33 views

CVE-2019-25385

The CVE affects Smoothwall Express 3.1-SP4-polar-x86_64-update9, where the outgoing.cgi endpoint is vulnerable to a reflected cross-site scripting (XSS) via the MACHINE and MACHINECOMMENT parameters. An attacker can craft POST requests to execute arbitrary JavaScript in victims’ browsers and pote...

6.1CVSS5.6AI score0.00225EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/16 5:4 p.m.5 views

CVE-2019-25385

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the MACHINE and MACHINECOMMENT parameters. Attackers can send POST requests to the outgoing.cgi endpoint with script payloads to...

6.1CVSS5.6AI score0.00225EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/16 5:4 p.m.5 views

CVE-2019-25386 Smoothwall Express 3.1 'dmzholes.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the dmzholes.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests with script payloads in the SRCIP, DESTIP,...

6.1CVSS5.6AI score0.00225EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/02/16 5:4 p.m.28 views

CVE-2019-25385 Smoothwall Express 3.1 'outgoing.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the MACHINE and MACHINECOMMENT parameters. Attackers can send POST requests to the outgoing.cgi endpoint with script payloads to...

6.1CVSS0.00225EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/02/16 5:4 p.m.3 views

CVE-2019-25385 Smoothwall Express 3.1 'outgoing.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the MACHINE and MACHINECOMMENT parameters. Attackers can send POST requests to the outgoing.cgi endpoint with script payloads to...

6.1CVSS5.6AI score0.00225EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/16 5:4 p.m.6 views

CVE-2019-25386

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the dmzholes.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests with script payloads in the SRCIP, DESTIP,...

6.1CVSS5.6AI score0.00225EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/02/16 5:4 p.m.25 views

CVE-2019-25386 Smoothwall Express 3.1 'dmzholes.cgi' Cross-Site Scripting

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the dmzholes.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests with script payloads in the SRCIP, DESTIP,...

6.1CVSS0.00225EPSS
Exploits1References3
Rows per page
Query Builder