Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/03/31 5:0 p.m.4 views

CVE-2026-26352

Smoothwall Express versions prior to 3.1 Update 13 contain a stored cross-site scripting vulnerability in the /cgi-bin/vpnmain.cgi script due to improper sanitation of the VPNIP parameter. Authenticated attackers can inject arbitrary JavaScript through VPN configuration settings that executes whe...

5.4CVSS5.9AI score0.00138EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/30 4:49 p.m.21 views

CVE-2026-26352 Smoothwall Express < 3.1 Update 13 Stored XSS in vpnmain.cgi via VPN_IP Parameter

Smoothwall Express versions prior to 3.1 Update 13 contain a stored cross-site scripting vulnerability in the /cgi-bin/vpnmain.cgi script due to improper sanitation of the VPNIP parameter. Authenticated attackers can inject arbitrary JavaScript through VPN configuration settings that executes whe...

5.4CVSS0.00138EPSS
Exploits0References2
CVE
CVE
added 2026/03/30 4:49 p.m.11 views

CVE-2026-26352

Affected product/versions: Smoothwall Express

5.4CVSS5.9AI score0.00138EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/30 4:49 p.m.3 views

CVE-2026-26352 Smoothwall Express < 3.1 Update 13 Stored XSS in vpnmain.cgi via VPN_IP Parameter

Smoothwall Express versions prior to 3.1 Update 13 contain a stored cross-site scripting vulnerability in the /cgi-bin/vpnmain.cgi script due to improper sanitation of the VPNIP parameter. Authenticated attackers can inject arbitrary JavaScript through VPN configuration settings that executes whe...

5.4CVSS5.9AI score0.00138EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/07 7:32 a.m.19 views

CVE-2025-14186 Grandstream GXP1625 Network Status api.values.post cross site scripting

A security flaw has been discovered in Grandstream GXP1625 1.0.7.4. The impacted element is an unknown function of the file /cgi-bin/api.values.post of the component Network Status Page. Performing manipulation of the argument vpnip results in basic cross site scripting. Remote exploitation of th...

5.1CVSS0.00195EPSS
Exploits0References4
Rows per page
Query Builder