Smoothwall

Smoothwall Express

19 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2019-25395

Exploit
  • EPSS 0.03%
  • Veröffentlicht 16.02.2026 17:05:07
  • Zuletzt bearbeitet 20.02.2026 16:31:49

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple stored cross-site scripting vulnerabilities in the preferences.cgi script that allow attackers to inject malicious scripts through the HOSTNAME, KEYMAP, and OPENNESS parameters. Attack...

6.1

CVE-2019-25394

Exploit
  • EPSS 0.03%
  • Veröffentlicht 16.02.2026 17:05:07
  • Zuletzt bearbeitet 20.02.2026 16:31:34

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple stored cross-site scripting vulnerabilities in the modem.cgi script that allow attackers to inject malicious scripts through POST parameters. Attackers can submit crafted payloads in p...

6.1

CVE-2019-25393

Exploit
  • EPSS 0.04%
  • Veröffentlicht 16.02.2026 17:05:06
  • Zuletzt bearbeitet 20.02.2026 16:31:23

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by exploiting insufficient input validation. Attackers can submit POST requests ...

6.1

CVE-2019-25392

Exploit
  • EPSS 0.07%
  • Veröffentlicht 16.02.2026 17:05:05
  • Zuletzt bearbeitet 20.02.2026 16:31:18

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the IP parameter. Attackers can send POST requests to the iptool...

6.1

CVE-2019-25390

Exploit
  • EPSS 0.03%
  • Veröffentlicht 16.02.2026 17:05:04
  • Zuletzt bearbeitet 20.02.2026 16:31:10

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vulnerabilities in the interfaces.cgi script that allow attackers to inject malicious scripts through multiple parameters including GREEN_ADDRESS, GREEN_...

6.1

CVE-2019-25389

Exploit
  • EPSS 0.07%
  • Veröffentlicht 16.02.2026 17:05:03
  • Zuletzt bearbeitet 20.02.2026 16:30:56

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the MACHINES parameter. Attackers can craft requests to the time...

6.1

CVE-2019-25388

Exploit
  • EPSS 0.07%
  • Veröffentlicht 16.02.2026 17:05:02
  • Zuletzt bearbeitet 20.02.2026 16:27:01

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the ipblock.cgi endpoint. Attackers can inject sc...

6.1

CVE-2019-25387

Exploit
  • EPSS 0.07%
  • Veröffentlicht 16.02.2026 17:05:00
  • Zuletzt bearbeitet 20.02.2026 16:26:53

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the xtaccess.cgi endpoint. Attackers can inject s...

6.1

CVE-2019-25385

Exploit
  • EPSS 0.03%
  • Veröffentlicht 16.02.2026 17:04:59
  • Zuletzt bearbeitet 20.02.2026 16:26:41

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the MACHINE and MACHINECOMMENT parameters. Attackers can send POST requests to t...

6.1

CVE-2019-25386

Exploit
  • EPSS 0.03%
  • Veröffentlicht 16.02.2026 17:04:59
  • Zuletzt bearbeitet 20.02.2026 16:26:47

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vulnerabilities in the dmzholes.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST req...