Lucene search
K

190 matches found

RedhatCVE
RedhatCVE
added 2025/05/27 7:37 a.m.19 views

CVE-2025-5146

A vulnerability has been found in Netcore NBR1005GPEV2, B6V2, COVER5, NAP830, NAP930, NBR100V2 and NBR200V2 up to 20250508 and classified as critical. This vulnerability affects the function passwdset of the file /usr/bin/routerd of the component HTTP Header Handler. The manipulation of the...

6.5CVSS7.5AI score0.01291EPSS
Exploits0References1
NVD
NVD
added 2025/05/26 12:15 p.m.13 views

CVE-2025-5183

A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1 and classified as problematic. This issue affects some unknown processing of the component Header Handler. The manipulation of the argument Host leads to open redirect. The attack may be initiated...

5.1CVSS0.00238EPSS
Exploits0References3
OSV
OSV
added 2025/05/26 12:15 p.m.3 views

CVE-2025-5184

A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1. It has been classified as problematic. Affected is an unknown function of the component HTTP Response Header Handler. The manipulation leads to information disclosure. It is possible to launch the...

7.5CVSS4.7AI score0.00316EPSS
Exploits0References3
CVE
CVE
added 2025/05/26 11:31 a.m.50 views

CVE-2025-5183

Summary: Summer Pearl Group Vacation Rental Management Platform (up to v1.0.1) has an open redirect caused by manipulation of the Host argument in the Header Handler. This may enable remote abuse to redirect users to arbitrary URLs. Exploit details are not provided in the connected documents. Rem...

5.1CVSS4AI score0.00238EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/05/26 11:31 a.m.16 views

CVE-2025-5183 Summer Pearl Group Vacation Rental Management Platform Header redirect

A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1 and classified as problematic. This issue affects some unknown processing of the component Header Handler. The manipulation of the argument Host leads to open redirect. The attack may be initiated...

5.1CVSS0.00238EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/05/25 7:0 a.m.8 views

CVE-2025-5146 Netcore NBR200V2 HTTP Header routerd passwd_set command injection

A vulnerability has been found in Netcore NBR1005GPEV2, B6V2, COVER5, NAP830, NAP930, NBR100V2 and NBR200V2 up to 20250508 and classified as critical. This vulnerability affects the function passwdset of the file /usr/bin/routerd of the component HTTP Header Handler. The manipulation of the...

6.5CVSS6.9AI score0.01291EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/05/25 7:0 a.m.19 views

CVE-2025-5146 Netcore NBR200V2 HTTP Header routerd passwd_set command injection

A vulnerability has been found in Netcore NBR1005GPEV2, B6V2, COVER5, NAP830, NAP930, NBR100V2 and NBR200V2 up to 20250508 and classified as critical. This vulnerability affects the function passwdset of the file /usr/bin/routerd of the component HTTP Header Handler. The manipulation of the...

6.5CVSS0.01291EPSS
Exploits0References4
CVE
CVE
added 2025/05/25 7:0 a.m.63 views

CVE-2025-5146

CVE-2025-5146 affects Netcore NBR1005GPEV2, B6V2, COVER5, NAP830, NAP930, NBR100V2 and NBR200V2 (up to 20250508). The vulnerability resides in the passwd_set function of /usr/bin/routerd within the HTTP Header Handler, where manipulation of the pwd argument enables remote command injection. The e...

6.5CVSS6.9AI score0.01291EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/05/25 12:0 a.m.6 views

PT-2025-22857 · Netcore · Netcore Nbr100V2 +6

Name of the Vulnerable Software and Affected Versions: Netcore NBR1005GPEV2 versions up to 20250508 Netcore B6V2 versions up to 20250508 Netcore COVER5 versions up to 20250508 Netcore NAP830 versions up to 20250508 Netcore NAP930 versions up to 20250508 Netcore NBR100V2 versions up to 20250508...

6.5CVSS6.8AI score0.01291EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2025/05/23 11:38 a.m.8 views

CVE-2025-0697

A vulnerability, which was classified as problematic, was found in Telstra Smart Modem Gen 2 up to 20250115. This affects an unknown part of the component HTTP Header Handler. The manipulation of the argument Content-Disposition leads to injection. It is possible to initiate the attack remotely...

6.9CVSS7.3AI score0.00464EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:47 a.m.9 views

CVE-2023-4463

A vulnerability classified as problematic was found in Poly CCX 400, CCX 600, Trio 8800 and Trio C60. This vulnerability affects unknown code of the component HTTP Header Handler. The manipulation of the argument Cookie leads to denial of service. The attack can be initiated remotely. The exploit...

7.5CVSS7AI score0.01006EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 4:27 a.m.6 views

CVE-2023-4965

A vulnerability was found in phpipam 1.5.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Header Handler. The manipulation of the argument X-Forwarded-Host leads to open redirect. The attack may be launched remotely. The exploit has been...

4.8CVSS6.8AI score0.00538EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 5:3 a.m.6 views

CVE-2019-25101

A vulnerability classified as critical has been found in OnShift TurboGears 1.0.11.10. This affects an unknown part of the file turbogears/controllers.py of the component HTTP Header Handler. The manipulation leads to http response splitting. It is possible to initiate the attack remotely...

9.8CVSS6.9AI score0.00854EPSS
Exploits0References1
CNVD
CNVD
added 2025/05/14 12:0 a.m.2 views

D-Link DIR-880L /htdocs/ssdpcgi File Command Injection Vulnerability

The D-Link DIR-880L is a dual-band Gigabit wireless router from China's AUO D-Link. The D-Link DIR-880L suffers from a command injection vulnerability, which arises from the failure of the file /htdocs/ssdpcgi in the component Request Header Handler to correctly filter the constructed command...

9.8CVSS6.5AI score0.1651EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/08 7:11 a.m.8 views

CVE-2025-4328

A vulnerability was found in fp2952 spring-cloud-base up to 7f050dc6db9afab82c5ce1d41cd74ed255ec9bfa. It has been declared as problematic. Affected by this vulnerability is the function sendBack of the file...

5.1CVSS6.9AI score0.00258EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/06 8:31 a.m.9 views

CVE-2025-4341 D-Link DIR-880L Request Header ssdpcgi sub_16570 command injection

A vulnerability classified as critical was found in D-Link DIR-880L up to 104WWb01. Affected by this vulnerability is the function sub16570 of the file /htdocs/ssdpcgi of the component Request Header Handler. The manipulation of the argument HTTPST/REMOTEADDR/REMOTEPORT/SERVERID leads to command...

6.5CVSS7.5AI score0.1651EPSS
Exploits0References5
NVD
NVD
added 2025/05/06 7:15 a.m.9 views

CVE-2025-4328

A vulnerability was found in fp2952 spring-cloud-base up to 7f050dc6db9afab82c5ce1d41cd74ed255ec9bfa. It has been declared as problematic. Affected by this vulnerability is the function sendBack of the file...

5.1CVSS0.00258EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/05/06 12:0 a.m.2 views

spring-cloud-base 安全漏洞

spring-cloud-base is an application by fp2952 individual developer. A security vulnerability exists in spring-cloud-base, which originates in the component HTTP Header Handler in the file /spring-cloud-base-master/auth-center/auth-center-provider/src/main/java/com/...

5.1CVSS4.8AI score0.00258EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/05/06 12:0 a.m.5 views

PT-2025-19924 · Unknown · Spring-Cloud-Base

Name of the Vulnerable Software and Affected Versions: spring-cloud-base versions up to 7f050dc6db9afab82c5ce1d41cd74ed255ec9bfa Description: A problem has been declared in the function sendBack of the file...

5.1CVSS3.7AI score0.00258EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2025/04/02 12:0 a.m.6 views

The vulnerability of the HeaderHandler component in the Java framework of Apache Camel allows a attacker to compromise the integrity and accessibility of the protected information.

The vulnerability of the Header Handler component in the Java framework Apache Camel is related to the lack of measures taken to neutralize internal special elements. Exploiting this vulnerability allows a remote attacker to compromise the integrity and accessibility of the protected information...

4.8CVSS7AI score0.71999EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder