Smoothwall : Security Vulnerabilities, CVEs, Published In 2014 (XSS)
Cross-site scripting (XSS) vulnerability in httpd/cgi-bin/vpn.cgi/vpnconfig.dat in Smoothwall Express 3.0 SP3 allows remote attackers to inject arbitrary web script or HTML via the COMMENT parameter in an Add action.
Max CVSS
4.3
EPSS Score
0.16%
Published
2014-12-31
Updated
2017-09-08
Multiple cross-site scripting (XSS) vulnerabilities in Smoothwall Express 3.1 and 3.0 SP3 allow remote attackers to inject arbitrary web script or HTML via the (1) PROFILENAME parameter in a Save action to httpd/cgi-bin/pppsetup.cgi or (2) COMMENT parameter in an Add action to httpd/cgi-bin/ddns.cgi.
Max CVSS
4.3
EPSS Score
0.16%
Published
2014-12-31
Updated
2017-09-08
Cross-site scripting (XSS) vulnerability in the web management interface in httpd/cgi-bin/ipinfo.cgi in Smoothwall Express 3.1 and 3.0 SP3 and earlier allows remote attackers to inject arbitrary web script or HTML via the IP parameter in a Run action.
Max CVSS
4.3
EPSS Score
0.29%
Published
2014-12-31
Updated
2017-09-08
3 vulnerabilities found