389 matches found
HTTP Host Header Attack Vulnerabilities
The package laminas/laminas-diactoros Diactoros is a PSR-7 HTTP Message and PSR-17 HTTP Message Factory implementation, providing HTTP request and response message representations both for making HTTP client requests and responding to HTTP requests server-side. When responding to an incoming...
Diactoros before 2.11.1 vulnerable to HTTP Host Header Attack.
Description Impact Applications that use Diactoros, and are either not behind a proxy, or can be accessed via untrusted proxies, can potentially have the host, protocol, and/or port of a Laminas\Diactoros\Uri instance associated with the incoming server request modified to reflect values from...
Diactoros before 2.11.1 vulnerable to HTTP Host Header Attack.
Impact Applications that use Diactoros, and are either not behind a proxy, or can be accessed via untrusted proxies, can potentially have the host, protocol, and/or port of a Laminas\Diactoros\Uri instance associated with the incoming server request modified to reflect values from X-Forwarded-...
GHSA-P2J4-VRGX-96QG MODX Revolution XSS via HTTP Host header
In MODX Revolution before 2.5.7, an attacker might be able to trigger XSS by injecting a payload into the HTTP Host header of a request. This is exploitable only in conjunction with other issues such as Cache Poisoning...
MODX Revolution XSS via HTTP Host header
In MODX Revolution before 2.5.7, an attacker might be able to trigger XSS by injecting a payload into the HTTP Host header of a request. This is exploitable only in conjunction with other issues such as Cache Poisoning...
Django DNS Rebinding Vulnerability
Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWEDHOSTS...
GHSA-RM2J-X595-Q9CJ Django Vulnerable to Cache Poisoning
Django before 1.2.7 and 1.3.x before 1.3.1 uses a request's HTTP Host header to construct a full URL in certain circumstances, which allows remote attackers to conduct cache poisoning attacks via a crafted request...
GHSA-2MVG-C6MG-3Q63 Concrete CMS vulnerable to cross-site scripting (XSS)
concrete5 8.1.0 places incorrect trust in the HTTP Host header during caching, if the administrator did not define a "canonical" URL on installation of concrete5 using the "Advanced Options" settings. Remote attackers can make a GET request with any domain name in the Host header. This is stored...
GHSA-5CW4-GGX9-36VG Apache Tomcat Denial of Service via Malformed Request Headers
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and modjk load balancing are used, allows remote attackers to cause a denial of service application outage via a crafted request with invalid headers, related to temporary blocking of...
GHSA-PW97-6V74-9W3P EC-CUBE improperly handles HTTP Host header values
EC-CUBE 3.0.0 to 3.0.18-p3 and EC-CUBE 4.0.0 to 4.1.1 improperly handle HTTP Host header values, which may lead a remote unauthenticated attacker to direct the vulnerable version of EC-CUBE to send an Email with some forged reissue-password URL to EC-CUBE users...
Design/Logic Flaw
EC-CUBE 3.0.0 to 3.0.18-p3 and EC-CUBE 4.0.0 to 4.1.1 improperly handle HTTP Host header values, which may lead a remote unauthenticated attacker to direct the vulnerable version of EC-CUBE to send an Email with some forged reissue-password URL to EC-CUBE users...
CVE-2022-25355
EC-CUBE 3.0.0 to 3.0.18-p3 and EC-CUBE 4.0.0 to 4.1.1 improperly handle HTTP Host header values, which may lead a remote unauthenticated attacker to direct the vulnerable version of EC-CUBE to send an Email with some forged reissue-password URL to EC-CUBE users...
CVE-2022-25355
EC-CUBE 3.0.0 to 3.0.18-p3 and EC-CUBE 4.0.0 to 4.1.1 improperly handle HTTP Host header values, which may lead a remote unauthenticated attacker to direct the vulnerable version of EC-CUBE to send an Email with some forged reissue-password URL to EC-CUBE users...
JVN#53871926: EC-CUBE improperly handles HTTP Host header values
EC-CUBE provided by EC-CUBE CO.,LTD. improperly handles HTTP Host header values CWE-913. Impact A remote attacker may direct the vulnerable version of EC-CUBE to send an Email with some forged reissue-password URL to EC-CUBE users. Solution Apply Workaround Apply the following workaround to avoid...
CVE-2021-43106
A Header Injection vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online TWO 5.3.33.3 F38 and FIMI 4.2.19.4 25.The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the...
Design/Logic Flaw
A Header Injection vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online TWO 5.3.33.3 F38 and FIMI 4.2.19.4 25.The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the...
CVE-2021-43106
A Header Injection vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online TWO 5.3.33.3 F38 and FIMI 4.2.19.4 25.The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the...
Authorization Bypass
haproxy is vulnerable to authorization bypass. Lack of validation of the HTTP Host header could potentially result in bypass of access controls due to a mishandling of the Host and authority. The fix for the original CVE is correctly included in OpenShift 4.9.11.The release of OpenShift 4.9.6...
RHEL 7 / 8 : OpenShift Container Platform 4.9.6 packages and (RHSA-2021:4118)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4118 advisory. - haproxy: does not ensure that the scheme and path portions of a URI have the expected characters CVE-2021-39240 - haproxy: an HTTP...
EulerOS 2.0 SP9 : haproxy (EulerOS-SA-2021-2712)
According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in HAProxy 2.0 before 2.0.24, 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. An HTTP method name may contai...