5.1
CVE-2019-25384 - Smoothwall Express 3.1 'portfw.cgi' Cross-Site Scripting
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vulnerabilities in the portfw.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests with script payloads in the EXT, SRC_PORT_SELโฆ
5.1
CVE-2019-25383 - Smoothwall Express 3.1 'apcupsd.cgi' Cross-Site Scripting
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vulnerabilities in the apcupsd.cgi script that allow attackers to inject malicious scripts through multiple POST parameters. Attackers can submit crafted POST requests with script payloads in parametersโฆ
5.1
CVE-2019-25382 - Smoothwall Express 3.1 'time.cgi' Cross-Site Scripting
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the NTP_SERVER parameter. Attackers can send POST requests to the time.cgi endpoint with script payloads in the Nโฆ
5.1
CVE-2019-25381 - Smoothwall Express 3.1 'hosts.cgi' Cross-Site Scripting
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vulnerabilities in the hosts.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests to the hosts.cgi endpoint with script payloadsโฆ
5.1
CVE-2019-25380 - Smoothwall Express 3.1 'dhcp.cgi' Cross-Site Scripting
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vulnerabilities in the dhcp.cgi script that allow attackers to inject malicious scripts through multiple parameters. Attackers can submit POST requests to dhcp.cgi with script payloads in parameters sucโฆ
5.3
CVE-2019-25379 - Smoothwall Express 3.1 'urlfilter.cgi' Cross-Site Scripting
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains stored and reflected cross-site scripting vulnerabilities in the urlfilter.cgi endpoint that allow attackers to inject malicious scripts. Attackers can submit POST requests with script payloads in the REDIRECT_PAGE or CHILDREN parameters to eโฆ
5.1
CVE-2019-25378 - Smoothwall Express 3.1 'proxy.cgi' Cross-Site Scripting
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple cross-site scripting vulnerabilities in the proxy.cgi endpoint that allow attackers to inject malicious scripts through parameters including CACHE_SIZE, MAX_SIZE, MIN_SIZE, MAX_OUTGOING_SIZE, and MAX_INCOMING_SIZE. Attackers can submโฆ
8.6
CVE-2026-2566 - Wavlink WL-NU516U1 adm.cgi sub_406194 stack-based overflow
A security vulnerability has been detected in Wavlink WL-NU516U1 up to 130/260. This affects the function sub_406194 of the file /cgi-bin/adm.cgi. Such manipulation of the argument firmware_url leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosedโฆ
7.5
CVE-2026-2565 - Wavlink WL-NU516U1 adm.cgi sub_40785C stack-based overflow
A weakness has been identified in Wavlink WL-NU516U1 20251208. Affected by this issue is the function sub_40785C of the file /cgi-bin/adm.cgi. This manipulation of the argument time_zone causes stack-based buffer overflow. The attack can be initiated remotely. The attack is considered to have high โฆ
7.2
CVE-2026-26930 - XSS via MAPI Requests in SmarterMail Prior to 9526
SmarterTools SmarterMail before 9526 allows XSS via MAPI requests.