Lucene search
K

11 matches found

CNNVD
CNNVD
added 2026/04/06 12:0 a.m.9 views

Pi-Hole Adminlte 安全漏洞

Pi-Hole Adminlte is a control panel used for collecting more data. Versions of Pi-Hole Adminlte from 6.0 to 6.5 had security vulnerabilities. These vulnerabilities stemmed from a reflection-based DOM cross-site scripting vulnerability in the taillog.js library, which could allow unauthenticated...

6.1CVSS5.8AI score0.00187EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.16 views

Pi-Hole Adminlte 跨站脚本漏洞

Pi-Hole Adminlte is a control panel used for collecting more data. Versions of Pi-Hole Adminlte from 6.0 to 6.5 had a cross-site scripting vulnerability. This vulnerability occurred due to the direct insertion of configuration values into HTML attributes without escaping, which could lead to HTML...

6.1CVSS5.7AI score0.00254EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.12 views

Pi-Hole Adminlte 跨站脚本漏洞

Pi-Hole Adminlte is a control panel used for collecting more data. Versions of Pi-Hole Adminlte from 6.0 to 6.5 had a cross-site scripting vulnerability. This vulnerability stemmed from the lack of escaping of client hostname and IP address values in tooltips for web pages and dashboard charts,...

6.1CVSS5.6AI score0.00145EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.5 views

Pi-Hole Adminlte 注入漏洞

Pi-Hole Adminlte is a control panel. It is used for statistics More... An injection vulnerability exists in Pi-Hole Adminlte versions prior to 6.3 that stems from failure to properly clean up input when redirecting requests for files with the .lp extension, which could lead to a CRLF injection...

8.2CVSS6.9AI score0.00398EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/02/07 12:0 a.m.4 views

Pi-Hole Adminlte 路径遍历漏洞

Pi-Hole Adminlte is a control panel. It is used for statistics More... A path traversal vulnerability exists in Pi-Hole Adminlte version 3.1.0, which stems from the presence of directory traversal and can be exploited by a remote attacker to gain privilege escalation and view sensitive informatio...

9.8CVSS8.4AI score0.0174EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/07/07 9:55 p.m.10 views

CVE-2022-31029 Authenticated XSS in Pi-hole AdminLTE

AdminLTE is a Pi-hole Dashboard for stats and configuration. In affected versions inserting code like alert"XSS" in the field marked with "Domain to look for" and hitting enter or clicking on any of the buttons will execute the script. The user must be logged in to use this vulnerability. Usually...

5.9CVSS5.8AI score0.00393EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/09/17 12:0 a.m.5 views

Pi-Hole Adminlte 跨站脚本漏洞

Pi-Hole Adminlte is a Pi-Hole control panel. It is used for statistical More... Pi-Hole adminlte suffers from a cross-site scripting vulnerability that stems from the vulnerability to incorrect neutralization of input during web page generation "cross-site scripting"...

6.7CVSS6.5AI score0.00532EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/09/17 12:0 a.m.5 views

Pi-Hole Adminlte 跨站脚本漏洞

Pi-Hole Adminlte is a Pi-Hole control panel. It is used for statistical More... Pi-Hole adminlte suffers from a cross-site scripting vulnerability that stems from the vulnerability to incorrect neutralization of input during web page generation "cross-site scripting"...

6.7CVSS6.5AI score0.00532EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/09/15 12:0 a.m.5 views

Pi-Hole Adminlte 安全漏洞

Pi-Hole Adminlte is a Pi-Hole control panel. It is used for statistical More... Pi-Hole Adminlte has a security vulnerability that originates from an improperly designed or implemented code development process for a networked system or product...

7.5CVSS7.4AI score0.01066EPSS
Exploits1References3
Huntr
Huntr
added 2021/09/01 6:0 p.m.19 views

Cross-site Scripting (XSS) - Reflected in pi-hole/adminlte

✍️ Description Reflected XSS on any POST parameters with a correct token on /admin/settings.php When field is not in the defined list , $debug value is set to true , and the $POST is dumped without filtering 🕵️‍♂️ Proof of Concept 1. Login as admin 2. Settings - Flush log 3. replace field with XSS...

4.3CVSS0.1AI score0.00532EPSS
Exploits1
Huntr
Huntr
added 2021/09/01 10:54 a.m.26 views

Cross-site Scripting (XSS) - Reflected in pi-hole/adminlte

✍️ Description Reflected XSS in POST /admin/scripts/pi-hole/php/customcname.php 🕵️‍♂️ Proof of Concept 1. Login as admin, Go to Local DNS - CNAME Records - Add a new CNAME record 2. Input alert1 in domain field and anything in target domain. 3. The Payload in post body domain is URL encoded, use a...

4.3CVSS0.2AI score0.00532EPSS
Exploits1
Rows per page
Query Builder