Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Smoothwall Subscribe
Filtered by product Smoothwall
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-5283 1 Smoothwall 1 Smoothwall 2017-09-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the web management interface in httpd/cgi-bin/ipinfo.cgi in Smoothwall Express 3.1 and 3.0 SP3 and earlier allows remote attackers to inject arbitrary web script or HTML via the IP parameter in a Run action.
CVE-2011-5284 1 Smoothwall 1 Smoothwall 2017-09-07 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability in the web management interface in httpd/cgi-bin/shutdown.cgi in Smoothwall Express 3.1 and 3.0 SP3 and earlier allows remote attackers to hijack the authentication of administrators for requests that perform a reboot via a request to cgi-bin/shutdown.cgi.
CVE-2014-9429 1 Smoothwall 1 Smoothwall 2017-09-07 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Smoothwall Express 3.1 and 3.0 SP3 allow remote attackers to inject arbitrary web script or HTML via the (1) PROFILENAME parameter in a Save action to httpd/cgi-bin/pppsetup.cgi or (2) COMMENT parameter in an Add action to httpd/cgi-bin/ddns.cgi.
CVE-2014-9430 1 Smoothwall 1 Smoothwall 2017-09-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in httpd/cgi-bin/vpn.cgi/vpnconfig.dat in Smoothwall Express 3.0 SP3 allows remote attackers to inject arbitrary web script or HTML via the COMMENT parameter in an Add action.
CVE-2014-9431 1 Smoothwall 1 Smoothwall 2017-09-07 6.8 MEDIUM N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in Smoothwall Express 3.1 and 3.0 SP3 allow remote attackers to hijack the authentication of administrators for requests that change the (1) admin or (2) dial password via a request to httpd/cgi-bin/changepw.cgi.
CVE-2003-0209 2 Smoothwall, Sourcefire 2 Smoothwall, Snort 2016-10-17 10.0 HIGH N/A
Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.