CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2021-4226 – RSFirewall < 1.1.25 - IP Block Bypass
https://notcve.org/view.php?id=CVE-2021-4226
13 Apr 2022 — RSFirewall tries to identify the original IP address by looking at different HTTP headers. A bypass is possible due to the way it is implemented. RSFirewall intenta identificar la dirección IP original observando diferentes encabezados HTTP. Es posible una omisión debido a la forma en que se implementa. The RSFirewall! • https://wpscan.com/vulnerability/c0ed80c8-ebbf-4ed9-b02f-31660097c352 • CWE-348: Use of Less Trusted Source •
CVSS: 6.1EPSS: 4%CPEs: 2EXPL: 3CVE-2010-2464 – Joomla! Component RSComments 1.0.0 - Persistent Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2010-2464
25 Jun 2010 — Multiple cross-site scripting (XSS) vulnerabilities in the RSComments (com_rscomments) component 1.0.0 Rev 2 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) website and (2) name parameters to index.php. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados ( XSS) en el componente RSComments (com_rscomments) v1.0.0 Rev 2 para Joomla! permite a atacantes remotos inyectar código web o HTML de su elección a través de los parámetros (1) website y (2) name e... • https://www.exploit-db.com/exploits/13935 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •