Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/02/15 1:19 a.m.12 views

CVE-2026-24853

Caido is a web security auditing toolkit. Prior to 0.55.0, Caido blocks non whitelisted domains to reach out through the 8080 port, and shows Host/IP is not allowed to connect to Caido on all endpoints. But this is bypassable by injecting a X-Forwarded-Host: 127.0.0.1:8080 header. This...

9.8CVSS5.5AI score0.00272EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2021-22251

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper validation of invited users' email address in GitLab EE affecting all versions since 12.2 allowed projects to add members with email address domain tha...

4.3CVSS5.2AI score0.00819EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/12/22 11:17 p.m.54 views

CVE-2022-23513 Pi-Hole/AdminLTE vulnerable due to improper access control in queryads endpoint

Pi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on queryads endpoint. In the case of application, this...

5.3CVSS5.5AI score0.40162EPSS
Exploits4References3
Vulnrichment
Vulnrichment
added 2022/12/22 11:17 p.m.5 views

CVE-2022-23513 Pi-Hole/AdminLTE vulnerable due to improper access control in queryads endpoint

Pi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on queryads endpoint. In the case of application, this...

5.3CVSS5.6AI score0.40162EPSS
Exploits4References3
Positive Technologies
Positive Technologies
added 2022/12/22 12:0 a.m.2 views

PT-2022-7091 · Pi-Hole · Pi-Hole

Name of the Vulnerable Software and Affected Versions: Pi-Hole affected versions not specified Description: The issue is related to a lack of validation in the code on a root server path: /admin/scripts/pi-hole/phpqueryads.php. This allows a potential threat actor to perform an unauthorized query...

5.3CVSS6.6AI score0.40162EPSS
Exploits4References9
UbuntuCve
UbuntuCve
added 2021/08/23 8:15 p.m.24 views

CVE-2021-22251

Improper validation of invited users' email address in GitLab EE affecting all versions since 12.2 allowed projects to add members with email address domain that should be blocked by group settings...

4.3CVSS5.8AI score0.00819EPSS
Exploits1References4
OSV
OSV
added 2021/08/23 8:15 p.m.2 views

UBUNTU-CVE-2021-22251

Improper validation of invited users' email address in GitLab EE affecting all versions since 12.2 allowed projects to add members with email address domain that should be blocked by group settings...

4.3CVSS5.8AI score0.00819EPSS
Exploits1References5
CNNVD
CNNVD
added 2021/08/04 12:0 a.m.6 views

Pi-hole 跨站脚本漏洞

Pi-hole is a web-grade ad-blocking application from Pi-hole, Inc. A cross-site scripting vulnerability exists in Pi-hole versions prior to 5.5.1, which stems from the fact that Pi-hole's web interface provides a central location to manage Pi-hole instances and check performance statistics.Prior t...

5.7CVSS5AI score0.00791EPSS
Exploits1References2
Kitploit
Kitploit
added 2019/11/04 9:15 p.m.81 views

Mallory - HTTP/HTTPS Proxy Over SSH

HTTP/HTTPS proxy over SSH. Installation Local machine: go get github.com/justmao945/mallory/cmd/mallory Remote server: need our old friend sshd Configueration Config file Default path is $HOME/.config/mallory.json, can be set when start program mallory -config path/to/config.json Content: idrsa i...

7.5AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/08/22 12:0 a.m.1 views

PT-2019-6205 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 12.2 and later Description: The issue is related to improper validation of invited users' email addresses, allowing projects to add members with email address domains that should be blocked by group settings. This can be...

4.3CVSS4.1AI score0.00819EPSS
Exploits1References16
Rows per page
Query Builder