Lucene search
K

9 matches found

Github Security Blog
Github Security Blog
added 2026/04/01 9:49 p.m.7 views

AIOHTTP accepts duplicate Host headers

Summary Multiple Host headers were allowed in aiohttp. Impact Mostly this doesn't affect aiohttp security itself, but if a reverse proxy is applying security rules depending on the target Host, it is theoretically possible that the proxy and aiohttp could process different host names, possibly...

6.3CVSS5.9AI score0.00288EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 9:55 a.m.4 views

CVE-2024-28092

UBEE DDW365 XCNDDW365 8.14.3105 software on hardware 3.13.1 allows a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via RgFirewallEL.asp, RgDdns.asp, RgTime.asp, RgDiagnostics.asp, or RgParentalBasic.asp. The affected fields are SMTP Server Name, SMTP Username, Host Name, Ti...

7.2CVSS6.3AI score0.00534EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/19 12:0 a.m.30 views

CVE-2024-28092

UBEE DDW365 XCNDDW365 8.14.3105 software on hardware 3.13.1 allows a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via RgFirewallEL.asp, RgDdns.asp, RgTime.asp, RgDiagnostics.asp, or RgParentalBasic.asp. The affected fields are SMTP Server Name, SMTP Username, Host Name, Ti...

5.8AI score0.00534EPSS
Exploits0References1
NVD
NVD
added 2015/02/11 7:59 p.m.12 views

CVE-2015-1581

Multiple cross-site request forgery CSRF vulnerabilities in the Mobile Domain plugin 1.5.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 change plugin settings or conduct cross-site scripting XSS attacks via the 2 domain, 3 text, 4 font, 5...

6.8CVSS6.6AI score0.01001EPSS
Exploits1References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Hosting Controller <= 6.1 HotFix 2.2 Add Domain without Quota Exploit

No description provided by source. !-- Change url /str0ke -- form method=post name=addform action=http://url/admin/iis/IISActions.asp?ActionType=AddSite&hostcustid=1&hostingplans=1 table tr class=looplistingDark td width=19% class=ContentsWebsite Name : /td td width=73% class=contents input...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/11/23 12:0 a.m.37 views

Fedora 13 : dhcp-4.1.1-27.P1.fc13 (2010-17303)

Thu Nov 4 2010 Jiri Popelka - 12:4.1.1-27.P1 - Fix for CVE-2010-3611 649880 - Wed Oct 13 2010 Jiri Popelka - 12:4.1.1-26.P1 - Server was ignoring client's Solicit where client included address/prefix as a preference 634842 - Tue Sep 7 2010 Jiri Popelka - 12:4.1.1-25.P1 - Hardening...

5CVSS6.4AI score0.76412EPSS
Exploits7References3
seebug.org
seebug.org
added 2005/07/18 12:0 a.m.11 views

Hosting Controller &lt;= 6.1 HotFix 2.2 Add Domain without Quota Exploit

No description provided by source. !-- Change url /str0ke -- form method="post" name="addform" action="http://url/admin/iis/IISActions.asp?ActionType=AddSite&hostcustid=1&hostingplans=1" table tr class="looplistingDark" td width="19%" class="Contents"Website Name : /td td width="73%"...

7.1AI score
Exploits0
0day.today
0day.today
added 2005/07/18 12:0 a.m.80 views

Hosting Controller <= 6.1 HotFix 2.2 Add Domain without Quota Exploit

Exploit for unknown platform in category web applications ===================================================================== Hosting Controller Website Name : ThirdLevelDomainCheck: WebUsers: hostcustid: Website Type : IP Based Domain Name Based Domain IPAddress : input type="TEXT" name="fIPA...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2005/07/18 12:0 a.m.11 views

Hosting Controller 6.1 HotFix 2.2 - Add Domain without Quota

Hosting Controller 6.1 HotFix 2.2 - Add Domain without Quota Website Name : ThirdLevelDomainCheck: WebUsers: hostcustid: Website Type : IP Based Domain Name Based Domain IPAddress : PortNo :IPLessDomain: td colspan="2" a...

0.2AI score
Exploits0
Rows per page
Query Builder