Lucene search
K

12 matches found

OSV
OSV
added 2026/02/27 8:21 p.m.5 views

UBUNTU-CVE-2026-27824

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both remoteaddr and the X-Forwarded-For header. Since the X-Forwarded-For header i...

5.3CVSS5.8AI score0.00148EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/02/27 7:46 p.m.28 views

CVE-2026-27824 calibre has IP Ban Bypass via X-Forwarded-For Header Spoofing

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both remoteaddr and the X-Forwarded-For header. Since the X-Forwarded-For header i...

5.3CVSS0.00148EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/02/27 7:46 p.m.4 views

CVE-2026-27824 calibre has IP Ban Bypass via X-Forwarded-For Header Spoofing

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both remoteaddr and the X-Forwarded-For header. Since the X-Forwarded-For header i...

5.3CVSS5.9AI score0.00148EPSS
Exploits1References1
OSV
OSV
added 2026/02/27 7:46 p.m.6 views

CVE-2026-27824 calibre has IP Ban Bypass via X-Forwarded-For Header Spoofing

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both remoteaddr and the X-Forwarded-For header. Since the X-Forwarded-For header i...

5.3CVSS5.9AI score0.00148EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 7:11 a.m.12 views

CVE-2017-18462

cPanel before 62.0.17 allows a CPHulk one-day ban bypass when IP based protection is enabled SEC-224...

7.5CVSS7AI score0.00939EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2022/01/06 12:0 a.m.20 views

IP2Location Country Blocker < 2.26.5 - Ban Bypass

The plugin bans can be bypassed by using a specific parameter in the URL PoC https://example.com/?admin-ajax=hehe...

6.5CVSS0.8AI score0.01047EPSS
Exploits2References1Affected Software1
wpexploit
wpexploit
added 2022/01/06 12:0 a.m.84 views

IP2Location Country Blocker < 2.26.5 - Ban Bypass

The plugin bans can be bypassed by using a specific parameter in the URL https://example.com/?admin-ajax=hehe...

6.5CVSS1.8AI score0.01047EPSS
Exploits2References1
Patchstack
Patchstack
added 2022/01/06 12:0 a.m.13 views

WordPress IP2Location Country Blocker plugin <= 2.26.4 - Ban Bypass vulnerability

Ban Bypass vulnerability discovered by Krzysztof Zając in WordPress IP2Location Country Blocker plugin versions = 2.26.4. Solution Update the WordPress IP2Location Country Blocker plugin to the latest available version at least 2.26.5...

6.5CVSS2.9AI score0.01047EPSS
Exploits2References3Affected Software1
OSV
OSV
added 2019/08/05 12:15 p.m.4 views

CVE-2017-18462

cPanel before 62.0.17 allows a CPHulk one-day ban bypass when IP based protection is enabled SEC-224...

7.5CVSS5.8AI score0.00939EPSS
Exploits0References1
NVD
NVD
added 2019/08/05 12:15 p.m.20 views

CVE-2017-18462

cPanel before 62.0.17 allows a CPHulk one-day ban bypass when IP based protection is enabled SEC-224...

7.5CVSS7.6AI score0.00939EPSS
Exploits0References1
CVE
CVE
added 2019/08/05 11:49 a.m.45 views

CVE-2017-18462

cPanel before 62.0.17 allows a CPHulk one-day ban bypass when IP-based protection is enabled (SEC-224). The issue is documented across multiple sources as a vulnerability in cPanel up to version 62.0.16, with the fix in 62.0.17 identified. Root cause details are not elaborated in the provided doc...

7.5CVSS7.5AI score0.00939EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2007/02/24 12:0 a.m.35 views

CVE-2006-7047

The CVE-2006-7047 entry concerns include.php in Shoutpro 1.0, where a crafted path parameter could bypass IP ban restrictions by referencing an alternate bannedips.php file. The CVE description notes that this was originally reported as remote file inclusion, but the analysis indicates it cannot ...

5CVSS7.5AI score0.02495EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder