Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

99 matches found

RedhatCVE
RedhatCVEadded 2025/04/26 7:3 a.m.11 views

CVE-2021-36471

Directory Traversal vulnerability in AdminLTE 3.1.0 allows remote attackers to gain escalated privilege and view sensitive information via /admin/index2.html, /admin/index3.html URIs. Note: AdminLTE developers dispute that this a weakness with AdminLTE and is instead a misconfiguration error on...

9.8CVSS6.9AI score0.0174EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2025/02/13 6:3 p.m.12 views

CVE-2022-23513

Pi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on queryads endpoint. In the case of application, this...

5.3CVSS6.7AI score0.40162EPSS
Exploits4References1
BDU FSTEC
BDU FSTECadded 2023/11/10 12:0 a.m.3 views

The vulnerability of the Pi-hole AdminLTE control panel, related to inadequate access control mechanisms, allows a intruder to disclose the protected information.

The vulnerability of the Pi-hole AdminLTE dashboard is related to deficiencies in access control. Exploiting this vulnerability could allow a remote attacker to expose the protected information...

5.3CVSS5.9AI score0.40162EPSS
Exploits4References4Affected Software1
CNVD
CNVDadded 2023/04/15 12:0 a.m.10 views

SIYUCMS suffers from an arbitrary file deletion vulnerability (CNVD-2023-50754)

SIYUCMS is a content management system based on the latest version of ThinkPHP-5.1.X framework with AdminLTE in the backend front-end framework. SIYUCMS suffers from an arbitrary file deletion vulnerability, which can be exploited by an attacker to delete arbitrary files...

6.9AI score
Exploits0Affected Software1
NVD
NVDadded 2023/02/07 11:15 p.m.13 views

CVE-2021-36471

Directory Traversal vulnerability in AdminLTE 3.1.0 allows remote attackers to gain escalated privilege and view sensitive information via /admin/index2.html, /admin/index3.html URIs. Note: AdminLTE developers dispute that this a weakness with AdminLTE and is instead a misconfiguration error on...

9.8CVSS9.5AI score0.0174EPSS
Exploits0References2
OSV
OSVadded 2023/02/07 11:15 p.m.13 views

CVE-2021-36471

Directory Traversal vulnerability in AdminLTE 3.1.0 allows remote attackers to gain escalated privilege and view sensitive information via /admin/index2.html, /admin/index3.html URIs. Note: AdminLTE developers dispute that this a weakness with AdminLTE and is instead a misconfiguration error on...

9.8CVSS9.5AI score
Exploits0References2
Prion
Prionadded 2023/02/07 11:15 p.m.12 views

Directory traversal

Directory Traversal vulnerability in AdminLTE 3.1.0 allows remote attackers to gain escalated privilege and view sensitive information via /admin/index2.html, /admin/index3.html URIs...

7.5CVSS9.3AI score0.0174EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2023/02/07 12:0 a.m.4 views

CVE-2021-36471

Directory Traversal vulnerability in AdminLTE 3.1.0 allows remote attackers to gain escalated privilege and view sensitive information via /admin/index2.html, /admin/index3.html URIs. Note: AdminLTE developers dispute that this a weakness with AdminLTE and is instead a misconfiguration error on...

9.5AI score0.0174EPSS
Exploits0References2
CNNVD
CNNVDadded 2023/02/07 12:0 a.m.3 views

Pi-Hole Adminlte 路径遍历漏洞

Pi-Hole Adminlte is a control panel. It is used for statistics More... A path traversal vulnerability exists in Pi-Hole Adminlte version 3.1.0, which stems from the presence of directory traversal and can be exploited by a remote attacker to gain privilege escalation and view sensitive informatio...

9.8CVSS8.4AI score0.0174EPSS
Exploits0References3
CVE
CVEadded 2023/02/07 12:0 a.m.149 views

CVE-2021-36471

CVE-2021-36471 describes a Directory Traversal vulnerability in AdminLTE 3.1.0 that allows remote attackers to escalate privileges and view sensitive information via the /admin/index2.html and /admin/index3.html endpoints. The root cause is not detailed in the provided documents beyond these path...

9.8CVSS9.5AI score0.0174EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologiesadded 2023/02/07 12:0 a.m.3 views

PT-2023-12277 · Adminlte · Adminlte

Name of the Vulnerable Software and Affected Versions: AdminLTE version 3.1.0 Description: The issue allows remote attackers to gain escalated privilege and view sensitive information. This is achieved via the "/admin/index2.html" and "/admin/index3.html" API endpoints. The estimated number of...

9.8CVSS7.1AI score0.0174EPSS
Exploits0References9
Cvelist
Cvelistadded 2023/02/07 12:0 a.m.13 views

CVE-2021-36471

Directory Traversal vulnerability in AdminLTE 3.1.0 allows remote attackers to gain escalated privilege and view sensitive information via /admin/index2.html, /admin/index3.html URIs. Note: AdminLTE developers dispute that this a weakness with AdminLTE and is instead a misconfiguration error on...

9.7AI score0.0174EPSS
Exploits0References2
OpenVAS
OpenVASadded 2023/02/01 12:0 a.m.20 views

Pi-hole Web Interface 4.x < 5.8.13 Insufficient Session Expiration Vulnerability

The Pi-hole Web Interface previously AdminLTE is prone to an insufficient session expiration vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

8.8CVSS8.5AI score0.0097EPSS
Exploits1References1
NVD
NVDadded 2023/01/26 9:18 p.m.10 views

CVE-2023-23614

Pi-hole®'s Web interface based off of AdminLTE provides a central location to manage your Pi-hole. Versions 4.0 and above, prior to 5.18.3 are vulnerable to Insufficient Session Expiration. Improper use of admin WEBPASSWORD hash as "Remember me for 7 days" cookie value makes it possible for an...

8.8CVSS8.6AI score0.0097EPSS
Exploits1References1
Prion
Prionadded 2023/01/26 9:18 p.m.16 views

Path traversal

Pi-hole®'s Web interface based off of AdminLTE provides a central location to manage your Pi-hole. Versions 4.0 and above, prior to 5.18.3 are vulnerable to Insufficient Session Expiration. Improper use of admin WEBPASSWORD hash as "Remember me for 7 days" cookie value makes it possible for an...

6.5CVSS8.5AI score0.0097EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2023/01/26 10:15 a.m.84 views

CVE-2023-23614

Pi-hole Web Interface (AdminLTE) versions 4.0–5.18.2 are affected by Insufficient Session Expiration due to improper use of the admin WEBPASSWORD hash as the Remember me for 7 days cookie. The cookie’s value can be used to login (pass-the-hash) and remains valid so long as the admin password is u...

8.8CVSS8.6AI score0.0097EPSS
Exploits1References1Affected Software1
OSV
OSVadded 2023/01/26 10:15 a.m.24 views

CVE-2023-23614 Improper session handling of "Remember me for 7 days" functionality

Pi-hole®'s Web interface based off of AdminLTE provides a central location to manage your Pi-hole. Versions 4.0 and above, prior to 5.18.3 are vulnerable to Insufficient Session Expiration. Improper use of admin WEBPASSWORD hash as "Remember me for 7 days" cookie value makes it possible for an...

8.8CVSS8.2AI score0.0097EPSS
Exploits1References3
NVD
NVDadded 2022/12/23 12:15 a.m.14 views

CVE-2022-23513

Pi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on queryads endpoint. In the case of application, this...

5.3CVSS0.40162EPSS
Exploits4References3
Prion
Prionadded 2022/12/23 12:15 a.m.13 views

Code injection

Pi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on queryads endpoint. In the case of application, this...

5CVSS5.2AI score0.40162EPSS
Exploits4References3Affected Software1
Vulnrichment
Vulnrichmentadded 2022/12/22 11:17 p.m.4 views

CVE-2022-23513 Pi-Hole/AdminLTE vulnerable due to improper access control in queryads endpoint

Pi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on queryads endpoint. In the case of application, this...

5.3CVSS5.6AI score0.40162EPSS
Exploits4References3
Rows per page
Query Builder