349 matches found
CVE-2026-22201
wpDiscuz before 7.6.47 contains an IP spoofing vulnerability in the getIP function that allows attackers to bypass IP-based rate limiting and ban enforcement by trusting untrusted HTTP headers. Attackers can set HTTPCLIENTIP or HTTPXFORWARDEDFOR headers to spoof their IP address and circumvent...
CVE-2026-22201 wpDiscuz before 7.6.47 - IP Address Spoofing in getIP()
wpDiscuz before 7.6.47 contains an IP spoofing vulnerability in the getIP function that allows attackers to bypass IP-based rate limiting and ban enforcement by trusting untrusted HTTP headers. Attackers can set HTTPCLIENTIP or HTTPXFORWARDEDFOR headers to spoof their IP address and circumvent...
PT-2026-26410
Summary OpenClaw used left-most X-Forwarded-For values when requests came from configured trusted proxies. In proxy chains that append/preserve header values, this could let attacker-controlled header content influence security decisions tied to client IP. Affected Packages / Versions - Package:...
CVE-2020-37056
The CVE-2020-37056 entry concerns Crystal Shard http-protection 0.2.0, where an IP-spoofing flaw allows bypass of protection middleware by crafting headers. Specifically, attackers can set consistent values in X-Forwarded-For, X-Client-IP, and X-Real-IP to defeat checks and gain unauthorized acce...
MiracleLinux 7 : kde-settings-19-23.9.el7, kde-workspace-4.11.19-13.el7, kdelibs-4.14.8-10.el7, kmag-4.10.5-4.el7, virtuoso-opensource-6.1.6-7.el7 (AXSA:2019-4210:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-4210:01 advisory. kde-workspace: Missing sanitization of notifications allows to leak client IP address via IMG element CVE-2018-6790 Tenable has extracted the preceding...
CVE-2005-1716
TOPo 2.2 2.2.178 stores data files in the data directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as client IP addresses...
CVE-2023-4279
This User Activity Log WordPress plugin before 1.6.7 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic...
CVE-2023-4281
This Activity Log WordPress plugin before 2.8.8 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic...
CVE-2018-19510
subscriber.php in Webgalamb through 7.0 is vulnerable to SQL injection via the Client-IP HTTP request header...
CVE-2010-0384
Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory mirror, does not prevent logging of the client IP address upon detection of erroneous client behavior, which might make it easier for local users to discover the identities of clients in opportunistic circumstances by reading log...
CVE-2025-65328
Mega-Fence webgate-lib. 25.1.914 and prior trusts the first value of the X-Forwarded-For XFF header as the client IP without validating a trusted proxy chain. An attacker can supply an arbitrary XFF value in a remote request to spoof the client IP, which is then propagated to security-relevant...
curl: HAProxy Connection Reuse leads to IP Spoofing and mTLS Context Smuggling
Executive Summary libcurl fails to respect the CURLOPTHAPROXYCLIENTIP configuration when reusing existing connections. Due to a missing check in the connection pooling logic, libcurl indiscriminately reuses a TCP/TLS connection established with a specific identity IP A for subsequent requests...
CVE-2025-36360
IBM UCD - IBM UrbanCode Deploy 7.1 through 7.1.2.27, 7.2 through 7.2.3.20, and 7.3 through 7.3.2.15 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.10, and 8.1 through 8.1.2.3 is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefl...
CVE-2025-36360
IBM UCD - IBM UrbanCode Deploy 7.1 through 7.1.2.27, 7.2 through 7.2.3.20, and 7.3 through 7.3.2.15 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.10, and 8.1 through 8.1.2.3 is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefl...
Improper Output Neutralization for Logs
Overview Affected versions of this package are vulnerable to Improper Output Neutralization for Logs via the unconditional acceptance of attacker-supplied HTTP headers in the getclientip function. An attacker can manipulate server-visible metadata, logs, and authorization decisions by supplying...
CVE-2025-66577 cpp-httplib Untrusted HTTP Header Handling: X-Forwarded-For/X-Real-IP Trust
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled HTTP headers to influence server-visible metadata, logging, and authorization decisions. An attacker can supply X-Forwarded-For or X-Real-IP headers which...
PT-2025-47024
Name of the Vulnerable Software and Affected Versions Screen SFT DAB 600/C firmware versions up to and including 1.9.3 Description The Screen SFT DAB 600/C firmware has an issue with access control on the user management API. Unauthenticated requests can retrieve structured user data, including...
EUVD-2018-18537
Malware in sbrugna...
EUVD-2017-7826
Malware in sbrugna...
EUVD-2005-1718
Malware in sbrugna...