9 matches found
AIOHTTP accepts duplicate Host headers
Summary Multiple Host headers were allowed in aiohttp. Impact Mostly this doesn't affect aiohttp security itself, but if a reverse proxy is applying security rules depending on the target Host, it is theoretically possible that the proxy and aiohttp could process different host names, possibly...
CVE-2024-28092
UBEE DDW365 XCNDDW365 8.14.3105 software on hardware 3.13.1 allows a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via RgFirewallEL.asp, RgDdns.asp, RgTime.asp, RgDiagnostics.asp, or RgParentalBasic.asp. The affected fields are SMTP Server Name, SMTP Username, Host Name, Ti...
CVE-2024-28092
UBEE DDW365 XCNDDW365 8.14.3105 software on hardware 3.13.1 allows a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via RgFirewallEL.asp, RgDdns.asp, RgTime.asp, RgDiagnostics.asp, or RgParentalBasic.asp. The affected fields are SMTP Server Name, SMTP Username, Host Name, Ti...
CVE-2015-1581
Multiple cross-site request forgery CSRF vulnerabilities in the Mobile Domain plugin 1.5.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 change plugin settings or conduct cross-site scripting XSS attacks via the 2 domain, 3 text, 4 font, 5...
Hosting Controller <= 6.1 HotFix 2.2 Add Domain without Quota Exploit
No description provided by source. !-- Change url /str0ke -- form method=post name=addform action=http://url/admin/iis/IISActions.asp?ActionType=AddSite&hostcustid=1&hostingplans=1 table tr class=looplistingDark td width=19% class=ContentsWebsite Name : /td td width=73% class=contents input...
Fedora 13 : dhcp-4.1.1-27.P1.fc13 (2010-17303)
Thu Nov 4 2010 Jiri Popelka - 12:4.1.1-27.P1 - Fix for CVE-2010-3611 649880 - Wed Oct 13 2010 Jiri Popelka - 12:4.1.1-26.P1 - Server was ignoring client's Solicit where client included address/prefix as a preference 634842 - Tue Sep 7 2010 Jiri Popelka - 12:4.1.1-25.P1 - Hardening...
Hosting Controller <= 6.1 HotFix 2.2 Add Domain without Quota Exploit
No description provided by source. !-- Change url /str0ke -- form method="post" name="addform" action="http://url/admin/iis/IISActions.asp?ActionType=AddSite&hostcustid=1&hostingplans=1" table tr class="looplistingDark" td width="19%" class="Contents"Website Name : /td td width="73%"...
Hosting Controller <= 6.1 HotFix 2.2 Add Domain without Quota Exploit
Exploit for unknown platform in category web applications ===================================================================== Hosting Controller Website Name : ThirdLevelDomainCheck: WebUsers: hostcustid: Website Type : IP Based Domain Name Based Domain IPAddress : input type="TEXT" name="fIPA...
Hosting Controller 6.1 HotFix 2.2 - Add Domain without Quota
Hosting Controller 6.1 HotFix 2.2 - Add Domain without Quota Website Name : ThirdLevelDomainCheck: WebUsers: hostcustid: Website Type : IP Based Domain Name Based Domain IPAddress : PortNo :IPLessDomain: td colspan="2" a...