An arbitrary file upload vulnerability in Halo up to v1.6.1 allows attackers to execute arbitrary code via a crafted .md...
4.8CVSS
5.7AI Score
0.001EPSS
Elsight – Elsight Halo Remote Code Execution (RCE) Elsight Halo web panel allows us to perform connection validation. through the POST request : /api/v1/nics/wifi/wlan0/ping we can abuse DESTINATION parameter and leverage it to remote code...
9.8CVSS
9.7AI Score
0.004EPSS
Halo CMS v1.5.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the template remote download...
9.8CVSS
9.5AI Score
0.002EPSS
Halo CMS v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the component...
9.8CVSS
9.6AI Score
0.002EPSS
Halo-1.5.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via...
4.8CVSS
5AI Score
0.001EPSS
Halo Blog CMS v1.4.17 was discovered to allow attackers to upload arbitrary files via the Attachment Upload...
7.5CVSS
7.7AI Score
0.001EPSS
In halo 1.4.14, the function point of uploading the avatar, any file can be uploaded, such as uploading an HTML file, which will cause a stored XSS...
5.4CVSS
5.2AI Score
0.001EPSS
In Halo, versions v1.0.0 to v1.4.17 (latest) are vulnerable to Stored Cross-Site Scripting (XSS) in the article tag. An authenticated admin attacker can inject arbitrary javascript code that will execute on a victim’s...
4.8CVSS
4.9AI Score
0.001EPSS
In Halo, versions v1.0.0 to v1.4.17 (latest) are vulnerable to Stored Cross-Site Scripting (XSS) in the article title. An authenticated attacker can inject arbitrary javascript code that will execute on a victim’s...
5.4CVSS
5.2AI Score
0.001EPSS
In Halo, versions v1.0.0 to v1.4.17 (latest) are vulnerable to Stored Cross-Site Scripting (XSS) in the profile image. An authenticated attacker can upload a carefully crafted SVG file that will trigger arbitrary javascript to run on a victim’s...
5.4CVSS
5.2AI Score
0.001EPSS
5.4CVSS
6.4AI Score
0.001EPSS
SSRF vulnerability in Halo <=1.3.2 exists in the SMTP configuration, which can detect the server...
7.5CVSS
7.3AI Score
0.003EPSS
Incorrect Access Control vulnearbility in Halo 0.4.3, which allows a malicious user to bypass encrption to view encrpted articles via...
5.3CVSS
5.3AI Score
0.001EPSS
9.1CVSS
9.1AI Score
0.001EPSS
Remote Code Executon vulnerability in Halo 0.4.3 via the remoteAddr and themeName...
9.8CVSS
7.8AI Score
0.004EPSS
Cross Siste Scripting (XSS) vulnerablity in Halo 0.4.3 via the X-forwarded-for Header...
6.1CVSS
6.6AI Score
0.001EPSS
Cross Site Scripting (XSS) vulnerability in Halo 1.1.3 via post publish components in the manage panel, which lets a remote malicious user execute arbitrary...
6.1CVSS
6.8AI Score
0.001EPSS
An issue was discovered in halo V1.1.3. A Zip Slip Directory Traversal Vulnerability in the backend,the attacker can overwrite some files, such as ftl files, .bashrc files in the user directory, and finally get the permissions of the operating...
9.8CVSS
7.3AI Score
0.002EPSS
An Arbitrary file writing vulnerability in halo v1.1.3. In an interface to write files in the background, a directory traversal check is performed on the input path parameter, but the startsWith function can be used to bypass...
9.8CVSS
9.3AI Score
0.002EPSS
Halo V1.1.3 is affected by: Arbitrary File reading. In an interface that reads files in halo v1.1.3, a directory traversal check is performed on the input path parameter, but the startsWith function can be used to bypass...
7.5CVSS
7.3AI Score
0.003EPSS
There is a XML external entity (XXE) vulnerability in halo v1.1.3, The function of importing other blogs in the background(/api/admin/migrations/wordpress) needs to parse the xml file, but it is not used for security defense, This vulnerability can detect the intranet, read files, enable ddos...
9.1CVSS
7.3AI Score
0.003EPSS
There is an Arbitrary file deletion vulnerability in halo v1.1.3. A backup function in the background allows a user, when deleting their backup files, to delete any files on the system through directory...
7.7CVSS
7.3AI Score
0.001EPSS
A Server-Side Freemarker template injection vulnerability in halo CMS v1.1.3 In the Edit Theme File function. The ftl file can be edited. This is the Freemarker template file. This file can cause arbitrary code execution when it is rendered in the background. exp: <#assign...
9.8CVSS
8.5AI Score
0.006EPSS
Halo blog 1.2.0 allows users to submit comments on blog posts via /api/content/posts/comments. The javascript code supplied by the attacker will then execute in the victim user's...
5.4CVSS
7.7AI Score
0.001EPSS
Halo before 1.2.0-beta.1 allows Server Side Template Injection (SSTI) because TemplateClassResolver.SAFER_RESOLVER is not used in the FreeMarker...
7.2CVSS
7.8AI Score
0.01EPSS
5.4CVSS
6AI Score
0.001EPSS
The Android mobile application Halo Home before 1.11.0 stores OAuth authentication and refresh access tokens in a clear text file. This file persists until the user logs out of the application and reboots the device. This vulnerability can allow an attacker to impersonate the legitimate user by...
7.1CVSS
7AI Score
0.0005EPSS
6.1CVSS
5.9AI Score
0.001EPSS
ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd parameters in a failed login attempt to...
6.1CVSS
5.9AI Score
0.001EPSS