Multiple Cross-Site Scripting Vulnerabilities in Smoothwall Express by Smoothwall
CVE-2014-9429

Currently unrated

Key Information:

Vendor: Smoothwall
Status: Smoothwall
Vendor: CVE Published:; 31 December 2014

What is CVE-2014-9429?

Smoothwall Express versions 3.1 and 3.0 SP3 are susceptible to multiple cross-site scripting vulnerabilities. These weaknesses allow remote attackers to inject arbitrary web scripts or HTML, exploiting the PROFILENAME parameter in a Save action on httpd/cgi-bin/pppsetup.cgi, and the COMMENT parameter in an Add action on httpd/cgi-bin/ddns.cgi. Successful exploitation could lead to unauthorized actions on behalf of users or potentially accessing sensitive information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/99404

vdb-entryx_refsource_XF

http://packetstormsecurity.com/files/129698/SmoothWall-3....

x_refsource_MISC

Timeline

Vulnerability published
Dec 31, 2014
Vulnerability Reserved
Dec 31, 2014

JSON

Smoothwall

What is CVE-2014-9429?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.