Smoothwall

Smoothwall Express

21 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2026-27508

  • EPSS 0.03%
  • Veröffentlicht 30.03.2026 16:51:50
  • Zuletzt bearbeitet 14.04.2026 16:32:57

Smoothwall Express versions prior to 3.1 Update 13 contain a reflected cross-site scripting vulnerability in the /redirect.cgi endpoint due to improper sanitation of the url parameter. Attackers can craft malicious URLs with javascript: schemes that ...

5.4

CVE-2026-26352

  • EPSS 0.03%
  • Veröffentlicht 30.03.2026 16:49:16
  • Zuletzt bearbeitet 14.04.2026 16:34:30

Smoothwall Express versions prior to 3.1 Update 13 contain a stored cross-site scripting vulnerability in the /cgi-bin/vpnmain.cgi script due to improper sanitation of the VPN_IP parameter. Authenticated attackers can inject arbitrary JavaScript thro...

6.1

CVE-2019-25395

Exploit
  • EPSS 0.04%
  • Veröffentlicht 16.02.2026 17:05:07
  • Zuletzt bearbeitet 20.02.2026 16:31:49

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple stored cross-site scripting vulnerabilities in the preferences.cgi script that allow attackers to inject malicious scripts through the HOSTNAME, KEYMAP, and OPENNESS parameters. Attack...

6.1

CVE-2019-25394

Exploit
  • EPSS 0.04%
  • Veröffentlicht 16.02.2026 17:05:07
  • Zuletzt bearbeitet 20.02.2026 16:31:34

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple stored cross-site scripting vulnerabilities in the modem.cgi script that allow attackers to inject malicious scripts through POST parameters. Attackers can submit crafted payloads in p...

6.1

CVE-2019-25393

Exploit
  • EPSS 0.06%
  • Veröffentlicht 16.02.2026 17:05:06
  • Zuletzt bearbeitet 20.02.2026 16:31:23

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by exploiting insufficient input validation. Attackers can submit POST requests ...

6.1

CVE-2019-25392

Exploit
  • EPSS 0.12%
  • Veröffentlicht 16.02.2026 17:05:05
  • Zuletzt bearbeitet 20.02.2026 16:31:18

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the IP parameter. Attackers can send POST requests to the iptool...

6.1

CVE-2019-25390

Exploit
  • EPSS 0.03%
  • Veröffentlicht 16.02.2026 17:05:04
  • Zuletzt bearbeitet 20.02.2026 16:31:10

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vulnerabilities in the interfaces.cgi script that allow attackers to inject malicious scripts through multiple parameters including GREEN_ADDRESS, GREEN_...

6.1

CVE-2019-25389

Exploit
  • EPSS 0.12%
  • Veröffentlicht 16.02.2026 17:05:03
  • Zuletzt bearbeitet 20.02.2026 16:30:56

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the MACHINES parameter. Attackers can craft requests to the time...

6.1

CVE-2019-25388

Exploit
  • EPSS 0.12%
  • Veröffentlicht 16.02.2026 17:05:02
  • Zuletzt bearbeitet 20.02.2026 16:27:01

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the ipblock.cgi endpoint. Attackers can inject sc...

6.1

CVE-2019-25387

Exploit
  • EPSS 0.12%
  • Veröffentlicht 16.02.2026 17:05:00
  • Zuletzt bearbeitet 20.02.2026 16:26:53

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the xtaccess.cgi endpoint. Attackers can inject s...